Abstract:
Several authentication techniques and security protocols require users to compare hash
strings in different forms like cryptographic keys, addresses, and identifiers. As these
hash values are long sequences of digits and alphanumeric strings, humans are
likely to have problems comparing them precisely.
Comparing these strings also requires considerable time and effort.
If the hash values are not compared properly, there is a high probability of a man-in-the-middle attack. The adversary performing such attacks can take advantage of
human limitations; for instance, users are slow and inaccurate when comparing long,
meaningless strings. These constraints negatively affect the security of
verification and validation of certain applications and user authentication. To perform
secure communication, there is a need for a secure and usable mechanism for hash
representations. In this research study, the textual and alphanumeric sequences of
different hash forms like cryptographic keys and addresses are converted to visual
fingerprints that make it easy for humans to perform comparisons. Graphical
representations are a promising substitute for hash comparisons because humans can
speedily identify dissimilarities in graphical images.
We propose Doodle images as a hash visualization technique. The hash value is
represented as a sequence of doodles that is easy to visualize as well as compare. It is
easier for any technical or non-technical user to compare and authenticate doodle
hash images than traditional hashes. This research work focuses on the
implementation of various visualization techniques and performing a comparative
analysis. The goal is to determine which conversion method provides the most accurate
comparison results, as well as which one is fastest and caters to human limitations.
To that end, these techniques are compared and evaluated against each other and against
the proposed doodle hash representation, through an online usability study with
different participants.