AuthenticationAuthentication is a process of validating who you are to whom you claimed to be. Human authentication techniques are as follows: 1.Knowledge Based (What you know) 2.Token Based(what you have) 3.Biometrics(what you are)
Three Basic IdentificationMethods of passwordPossession Knowledge(“something I have”) (“Something I know”)•Keys •Password•Passport • Pin•Smart Card •Face Biometrics •Fingerprints(“something I am”) •Iris
• Password is basically an encryption algorithms. It is 8-15 character or slightly more than that. Mostly textual passwords nowadays are kept which are very simple.
Passphrase It’s the enhance version of password. It is a combination of words or simply collection of password in proper sequence. It contains any well known thought also. Length of passphrase is about 30-50 character or more than that also.
% market shareby type ofbiometrictechnology in2003
PASSWORD •How secure is your password? Now with the technology change, fast processors and many tools on the Internet, cracking password has become a Childs Play. Ten years back Klein performed such tests and he could crack 10-15 passwords per day.
PASSPHRASE•Passphrase length is about 30-50 characters ormore than that so it creates ambiguity to rememberif there is no any proper sequence.
BIOMETRICS•Biometrics has also somedrawbacks.Suppose you select your fingerprintas a biometrics..But what to do when you have crackor wound in your finger.And now a days some hackers evenimplement exact copy of yourbiometrics also….
•The 3D passwords which are morecustomizable, and very interesting way ofauthentication.•A 3D password is a multifactorauthentication scheme thatcombine RECOGNITION +RECALL +TOKENS +BIOMETRICS in one authentication system.
The 3D password presents a virtual environment containing various virtual objects. The user walks through the environment and interacts with the objects. It is the combination and sequence of user interactions that occur in the 3D environment.
This is achieved through interacting only with the objects that acquire information that the user is comfortable in providing.It becomes much more difficult for the attacker to guess the user’s 3-D password.
Virtual objects Virtual objects can be any object we encounter in real life: A computer on which the user can type in A fingerprint reader that requires users fingerprint A paper or white board on which user can type An Automated teller(ATM) machine that requires a token A light that can be switched on/off A television or radio A car that can be driven A graphical password scheme
Snapshot of a proof - of - concept virtual art gallery , which contains 36 pictures and six computers
3D Virtual Environment•3-D virtual environment affects the usability, effectiveness, andacceptability of a 3-D password system.• 3-D environment reflects the administration needs and the securityrequirements. 3D Virtual Environment
The design of 3D virtualenvironments should followthese guidelines:Real Life SimilarityObject Uniqueness & Distinction3D Virtual Environment SizeNumber of objects & their typesSystem Importance
Advantages Flexibility Strength Ease to Memorize Respect of Privacy
Applications The 3D password’s main application domains are protecting critical systems and resources. Critical Servers Nuclear Reactors & military Facilities Airplanes and missile Guiding
A small virtual environment can be used in the following systems like-AtmPersonal digital assistanceDesktop computers & laptopsWeb authentication etc.
Attacks and Countermeasures Brute Force Attack Well studied Attack Shoulder-surfing Attack
Conclusion •The authentication can be improved with 3d password ,because the unauthorized person may not interact with same object at a particular location as the legitimate user. •It is difficult to crack ,because it has no fixed number of steps and a particular procedure. •Added with biometrics and token verification this schema becomes almost unbreakable.