3d-pswdx - EyeHunt

minorbigarmΑσφάλεια

30 Νοε 2013 (πριν από 3 χρόνια και 6 μήνες)

107 εμφανίσεις


3D
-
password

A more secured authentication

G.Suresh babu

Roll no:08H71A05C2

Computer science & engineering

Mic college of technology

Guide:Mrs A.Jaya Lakshmi


Contents


What is Authentication


Existing system


Drawbacks in existing system


Proposed system


Advantages with proposed system


Applications


Attacks


Conclusion


Authentication


Authentication is a process of validating who are you
to whom you claimed to be.



Human authentication techniques are as follows:

1.Knowledge Base (What you know)

2.Token Based(what you have)

3.Biometrics(what you are)

Three Basic Identification Methods of password


Password


PIN


Keys


Passport


Smart Card


Face


Fingerprint


Iris

Possession

(“something I have”)

Biometrics

(“something I am”)

Knowledge

(“something I know”)


Drawbacks



Textual Password:


Textual Passwords should be easy to remember at the same time hard to
guess


Full password space for 8 characters consisting of both numbers and
characters is 2 X 10¹




From an research 25% of the passwords out of 15,000 users can be
guessed correctly by using brute force dictionary

Graphical Password



One

main

drawback

of

applying

biometric

is

its

intrusiveness

upon

a

users

personnel

characteristics
.



They

require

special

scanning

device

to

authenticate

the

user

which

is

not

acceptable

for

remote

and

internet

users
.









3d

password



The 3D Password is a multifactor


authentication scheme that combine


RECOGNITION


+ RECALL


+TOKENS


+BIOMETRIC


In one authentication system



The 3D password presents a virtual environment containing various
virtual objects.




The user walks through the environment and interacts with the objects




The 3d Password is simply the combination and sequence of user
interactions that occur in the 3D environment




Snapshot of a virtual environment , which contains 36

pictures and six computers as virtual objects






3D environment






Virtual objects can be any object we encounter in real life:


A computer on which the user can type


A fingerprint reader that requires users fingerprint


A paper or white board on which user can type


A Automated teller(ATM) machine that requires a token


A light that can be switched on/off


A television or radio


A car that can be driven


A graphical password scheme



Virtual objects





The action towards an object that exists in location (x1,y1,z1)


is different from action towards an another object at (x2,y2,z2).



Therefore ,to perform the legitimate 3d password the user must follow
the same scenario performed by the legitimate user.



This means interacting with the same objects that reside at exact
location and perform the exact actions in the proper sequence

System implementation



example



Let us consider a 3D virtual environment space of size G
×
G
×

G. The 3D
environment space is represented by the coordinates (x, y, z)


[1, . . . , G]
×
[1, . . . , G]
×
[1, . . . , G].



The objects are distributed in the 3D virtual environment with unique (x, y,
z) coordinates. We assume that the user can navigate into the 3D virtual
environment and interact with the objects using any input device such as a
mouse, key board, fingerprint scanner, iris scanner, stylus, card reader, and
microphone
.





For

example,

consider

a

user

who

navigates

through

the

3
D

virtual

environment

that

consists

of

an

office

and

a

meeting

room
.

Let

us

assume

that

the

user

is

in

the

virtual

office

and

the

user

turns

around

to

the

door

located

in

(
10
,

24
,

91
)

and

opens

it
.

Then,

the

user

closes

the

door
.

The

user

then

finds

a

computer

to

the

left,

which

exists

in

the

position

(
4
,

34
,

18
),

and

the

user

types

“CAT
.


The

initial

representation

of

user

actions

in

the

3
Dvirtual

environment

can

be

recorded

as

follows
:
:





*(10, 24, 91) Action = Open the office door;


*(10, 24, 91) Action = Close the office door;


*(4, 34, 18) Action = Typing, “C”;


*(4, 34, 18) Action = Typing, “A”;


*(4, 34, 18) Action = Typing, “T”;





Flexibility
: 3D Passwords allows Multifactor
authentication biometric , textual passwords can be
embedded in 3D password technology.


Strength
: This scenario provides almost unlimited
passwords possibility.


Ease to Memorize
: can be remembered in the form of
short story.


Respect of Privacy
: Organizers can select authentication
schemes that respect users privacy.

Advantages



Applications

The

3
D

password

can

have

a

password

space

that

is

very

large

compared

to

other

authentication

schemes,

so

the

3
D

password’s

main

application

domains

are

protecting

critical

systems

and

resources
.



Critical Servers:






Nuclear Reactors & military Facilities:





Airplanes and missile Guiding:





Applications


In addition,3D password can also be used in less critical systems


A small virtual environment can be used in the following systems like



Atm



Personal digital assistance



Desktop computers & laptops



Web authentication etc..,







Attacks and counter measures





Brute Force Attack





Well studied Attack





Shoulder
--
surfing Attack



Conclusion



The authentication can be improved with 3d password ,because the un
-

authorized person may not interact with same object at a particular
location as the legitimate user.



It is difficult to crack ,because it has no fixed no of steps and a particular
procedure




Added with biometrics and token verification this schema becomes almost
unbreakable