attachment=65903
Download
Report
Transcript attachment=65903
Copyright© cs-tutorial.com
CONTENTS
Introduction
Authentication Schemes
Functionalities Required
3D Password selection and Input
Virtual Environment Design Guidelines
Applications
Security Analysis
Attacks and Countermeasures
Conclusion
INTRODUCTION
Commonly used authentication schemes are textual
passwords, graphical passwords and biometrics.
3D password is a multifactor authentication scheme.
To be authenticated,
werequirea3Dvirtualenvironment.
Combines recognition-,recall-,token-,and biometrics-
based systems.
Users choice to select the type of authentication
technique.
AUTHENTICATION SCHEMES
KNOWLEDGE BASED
Recall based
Recognition based
TOKEN BASED
eg : smart card
BIOMETRIC BASED
Fingerprint ,palm prints ,hand geometry ,face
recognition
Intrusiveness upon a user’s personal characteristics.
GRAPHICAL PASSWORDS
Recognition based
Recall based
FUNCTIONALITIES REQUIRED
New scheme should combine the existing
authentication schemes
Freedom to select the type of authentication
technique.
Should provide secrets that are easy to remember
,difficult toguess.
3D PASSWORD SELECTION AND INPUT
3D environment space represented by the co-ordinates
User navigate into the 3D virtual environment using
any input device.
The sequence of actions and interactions forms the
users3D password.
Representation of user actions in the 3D virtual
environment
(10,24,91) Action=Open the office door;
(10,24,91) Action=Close the office door;
(4,34,18) Action= Typing,“F”;
(4,34,18) Action= Typing,”A”;
(4,34,18) Action= Typing,”L”;
(4,34,18) Action= Typing,”C”;
(4,34,18) Action= Typing,”O”;
(4,34,18) Action= Typing,”N”;
(10,24,80) Action= Pick up the pen;
(1,18,80) Action= Drawing, point=(330,130).
Virtual Computer where user typing a textual password
as a part of user’s 3D Password
Snapshot of a proof-of-concept virtual art
gallery
State diagram of a 3D Password application
3D VIRTUAL ENVIRONMENT DESIGN
GUIDELINES
Real-life similarity
Object uniqueness and distinction
Three-dimensional virtual environment
System importance
APPLICATIONS
Critical servers.
Nuclear and military facilities.
Airplanes and jetfighters.
ATMs, PDA’s, desktop computers and laptops.
SECURITY ANALYSIS
3D Password Space Size.
3D Password Distribution Knowledge.
ATTACKS AND COUNTERMEASURES
Brute Force Attack
Well-Studied Attack
Shoulder Surfing Attack
Timing Attack
CONCLUSION
Commonly used authentication schemes are
vulnerable to attacks.
3D Password is a multifactor authentication scheme.
Design of 3D virtual environment, selection of objects
inside the environment, and the object type reflects
the resulted password space.
User’s choice and decision to construct the desired and
preferred 3D password