Upload
rahul-banga
View
214
Download
0
Embed Size (px)
Citation preview
7/28/2019 3dpassword.pptx
1/19
3-D Password Scheme
For more secure authentication
Name: Rahul BanghaSemester:8thBranch: Computer ScienceEnrollment No: SGVU091083096Suresh Gyan Vihar University
7/28/2019 3dpassword.pptx
2/19
Authentication
Authentication is a process of validatingwho are you to whom you claimed to be
Human authentication techniques are as
follows:1. Knowledge Base (What you know)
2. Token Based(what you have)
3. Biometrics(what you are)
4. Recognition Based(What you recognise)
7/28/2019 3dpassword.pptx
3/19
Common Authentication
Techniques used in computerworld1. Textual Passwords(Recall Based)-:Recall
what you have created before.
7/28/2019 3dpassword.pptx
4/19
2. Graphical Passwords:
(Recall Based+Recognition Based)
Biometric schemes
(fingerprints,voice recognition etc)
7/28/2019 3dpassword.pptx
5/19
Drawbacks
Textual Password: Textual Passwords should be easy to
remember at the same time easy to guess
Full password space for 8 characters
consisting of both numbers and characters is2 X 10
From an research 25% of the passwords outof 15,000 users can guessed correctly by
using brute force dictionary
7/28/2019 3dpassword.pptx
6/19
Drawbacks
Graphical Password Graphical passwords can be easily
recorded as these schemes take a longtime.
One main drawback of applying biometricis its intrusiveness upon a users personnelcharacteristics.
They require special scanning device to
authenticate the user which is notacceptable for remote and internet usersnormally.
7/28/2019 3dpassword.pptx
7/19
3D PASSWORD SCHEME
The 3D Password scheme is a newauthentication scheme that combine
RECOGNITION
+ RECALL
+TOKENS
+BIOMETRIC
In one authentication system
7/28/2019 3dpassword.pptx
8/19
The 3D password presents a virtualenvironment containing various virtual
objects.
The user walks through the environment
and interacts with the objects
The 3d Password is simply thecombination and sequence of user
interactions that occur in the 3Denvironment
7/28/2019 3dpassword.pptx
9/19
3D Password selection
Virtual objects can be any object weencounter in real life:
A computer on which the user can type
A fingerprint reader that requires users fingerprint
A paper or white board on which user can typeA Automated teller(ATM) machine that requires a token
A light that can be switched on/off
A television or radio
A car that can be driven
A graphical password scheme
7/28/2019 3dpassword.pptx
10/19
For EXAMPLE:
Let us assume the user enters a virtual
office then performs the following action: (10,24,91) Action=Open office door
(10,24,91) Action=Close office door
(4,34,18) Action=Tpeine,C
(4,34,18) Action=Typing,O
(4,34,18)Action=Typing,N
(10,24,80)Action=Pick up the pen
(1,18,80)Action=Draw point=(330,130)
7/28/2019 3dpassword.pptx
11/19
7/28/2019 3dpassword.pptx
12/19
7/28/2019 3dpassword.pptx
13/19
7/28/2019 3dpassword.pptx
14/19
3D Passwords Differentiators
Flexibility:3D Passwords allows Multifactorauthentication biometric , textual passwordscan be embedded in 3D password technology.
Strength: This scenario provides almostunlimited passwords possibility.
Ease to Memorize: can be remembered in theform of short story.
Respect of Privacy: Organizers can selectauthentication schemes that respect usersprivacy.
7/28/2019 3dpassword.pptx
15/19
3D Password Application Areas
Critical Servers
Nuclear and military Facilities
Airplanes and JetFighters
ATMs,Desktop and Laptop Logins, WebAuthentication
7/28/2019 3dpassword.pptx
16/19
Attacks and Countermeasures
Brute Force Attack: The attack is very difficultbecause
1. Time required to login may vary form 20s
to 2 min therefore it is very timeconsuming.
2. Cost of Attack: A 3D Virtual environmentmay contain biometric object ,the attackerhas to forge all biometric information.
7/28/2019 3dpassword.pptx
17/19
Attacks and Countermeasures Well Studied Attack: Attacker tries to get
the most probable distribution of 3D
Password. This is difficult becauseattacker has to perform customized attackfor different virtual environment .
7/28/2019 3dpassword.pptx
18/19
Shoulder Surfing Attacks: Attacker usescamera to record the users 3D passwords. This
attack is more successful.
Timing Attack: The Attacker observes howlong it takes the legitimate user to performcorrect log in using 3D Password. Which gives anindication of 3-D Passwords length. This attackcannot be successful since it gives the attacker
mere hints.
7/28/2019 3dpassword.pptx
19/19
QUERIES ??...