3dpasswords

7/27/2019 3dpasswords

1/17

3-D Password Scheme

For more secure authentication


2/17

Authentication

Authentication is a process of validatingwho are you to whom you claimed to be

Human authentication techniques are as

follows:1. Knowledge Base (What you know)

2. Token Based(what you have)

3. Biometrics(what you are)

4. Recognition Based(What you recognise)


3/17

Common Authentication

Techniques used in computerworld1. Textual Passwords(Recall Based)-:Recall

what you have created before.

2. Graphical Passwords:

(Recall Based+Recognition Based)

Biometric schemes

(fingerprints,voice recognition etc)


4/17

Drawbacks

Textual Password: Textual Passwords should be easy to

remember at the same time hard to guess

Full password space for 8 characters

consisting of both numbers and characters is2 X 10

From an research 25% of the passwords outof 15,000 users can guessed correctly by

using brute force dictionary


5/17

Drawbacks

Graphical Password Graphical passwords can be easily

recorded as these schemes take a longtime.

One main drawback of applying biometricis its intrusiveness upon a users personnelcharacteristics.

They require special scanning device to

authenticate the user which is notacceptable for remote and internet users.


6/17

3D PASSWORD SCHEME

The 3D Password scheme is a newauthentication scheme that combine

RECOGNITION

+ RECALL

+TOKENS

+BIOMETRIC

In one authentication system


7/17

The 3D password presents a virtualenvironment containing various virtual

objects.

The user walks through the environment

and interacts with the objects

The 3d Password is simply thecombination and sequence of user

interactions that occur in the 3Denvironment


8/17

3D Password selection

Virtual objects can be any object weencounter in real life:

A computer on which the user can type

A fingerprint reader that requires users fingerprint

A paper or white board on which user can typeA Automated teller(ATM) machine that requires a token

A light that can be switched on/off

A television or radio

A car that can be driven

A graphical password scheme


9/17

For EXAMPLE:

Let us assume the user enters a virtual

office then performs the following action: (10,24,91) Action=Open office door

(10,24,91) Action=Close office door

(4,34,18) Action=Tpeine,C

(4,34,18) Action=Typing,O

(4,34,18)Action=Typing,N

(10,24,80)Action=Pick up the pen

(1,18,80)Action=Draw point=(330,130)


10/17


11/17


12/17


13/17

3D Passwords Differentiators

Flexibility:3D Passwords allows Multifactorauthentication biometric , textual passwordscan be embedded in 3D password technology.

Strength: This scenario provides almostunlimited passwords possibility.

Ease to Memorize: can be remembered in theform of short story.

Respect of Privacy: Organizers can selectauthentication schemes that respect usersprivacy.


14/17

3D Password Application Areas

Critical Servers

Nuclear and military Facilities

Airplanes and JetFighters

ATMs,Desktop and Laptop Logins, WebAuthentication


15/17

Attacks and Countermeasures

Brute Force Attack: The attack is very difficultbecause

1. Time required to login may vary form 20s to 2 mintherefore it is very time consuming.

2. Cost of Attack: A 3D Virtual environment may containbiometric object ,the attacker has to forge allbiometric information.

Well Studied Attack: Attacker tries to getthe most probable distribution of 3D Password.This is difficult because attacker has to performcustomized attack fo different virtual

environment .


16/17


17/17

QUERIES ??...

3dpasswords

Documents

Transcript of 3dpasswords