2. CONTENTS
• What is Authentication
• Existing system
• Drawbacks in existing system
• Proposed system
• Advantages with proposed system
• Applications
• Attacks
• Conclusion
3. AUTHENTICATION
Authentication is a process of validating
who are you to whom you claimed to be.
• Human authentication techniques are as follows:
1.Knowledge Base (What you know)
2.Token Based(what you have)
3.Biometrics(what you are)
4. THREE BASIC IDENTIFICATION METHODS OF PASSWORD
•Password
•PIN
Possession
(“something I have”)
•Keys
•Passport
•Smart Card
Biometrics
(“something I am”)
•Face
•Fingerprint
•Iris
Knowledge
(“something I know”)
5. DRAWBACKS
Textual Password:
– Textual Passwords should be easy to remember at the same
time hard to guess
– Full password space for 8 characters consisting of both numbers
and characters is 2 X 10¹⁴
– From an research 25% of the passwords out of 15,000 users
can be guessed correctly by using brute force dictionary
Graphical Password
One main drawback of applying biometric is its
intrusiveness upon a users personnel characteristics.
They require special scanning device to authenticate the
user which is not acceptable for remote and internet users.
6. 3d password
The 3D Password is a multifactor authentication scheme that
combine
RECOGNITION
+ RECALL
+TOKENS
+BIOMETRIC
In one authentication
system
The 3D password presents a virtual environment containing
various virtual objects.
The user walks through the environment and interacts with the
objects
The 3d Password is simply the combination and sequence of
user interactions that occur in the 3D environment
7. Virtual objects
• Virtual objects can be any object we encounter in real life:
A computer on which the user can type
A fingerprint reader that requires users fingerprint
A paper or white board on which user can type
A Automated teller(ATM) machine that requires a
token
A light that can be switched on/off
A television or radio
A car that can be driven
A graphical password scheme
8. System implementation
• The action towards an object that exists in location
(x1,y1,z1)
is different from action towards an another object at
(x2,y2,z2).
• Therefore ,to perform the legitimate 3d password the user
must follow the same scenario performed by the legitimate
user.
• This means interacting with the same objects that reside at
exact location and perform the exact actions in the proper
sequence
9. example
Let us consider a 3D virtual environment space of size G ×G ×
G. The 3D environment space is represented by the coordinates (x,
y, z) ∈ [1, . . . , G] ×[1, . . . , G] ×[1, . . . , G].
The objects are distributed in the 3D virtual environment with
unique (x, y, z) coordinates. We assume that the user can navigate
into the 3D virtual environment and interact with the objects using
any input device such as a mouse, key board, fingerprint scanner,
iris scanner, stylus, card reader, and microphone.
10. For example, consider a user who navigates through the 3D virtual
environment that consists of an office and a meeting room. Let us assume that
the user is in the virtual office and the user turns around to the door located in
(10, 24, 91) and opens it. Then, the user closes the door. The user then finds a
computer to the left, which exists in the position (4, 34, 18), and the user types
“CAT.” The initial representation of user actions in the 3Dvirtual environment
can be recorded as follows::
*(10, 24, 91) Action = Open the office door;
*(10, 24, 91) Action = Close the office door;
*(4, 34, 18) Action = Typing, “C”;
*(4, 34, 18) Action = Typing, “A”;
*(4, 34, 18) Action = Typing, “T”;
11. Advantages
Flexibility: 3D Passwords allows Multifactor
authentication biometric , textual passwords can
be embedded in 3D password technology.
Strength: This scenario provides almost
unlimited passwords possibility.
Ease to Memorize: can be remembered in the
form of short story.
Respect of Privacy: Organizers can select
authentication schemes that respect users
privacy.
12. Applications
The 3D password can have a password space that is very large
compared to other authentication schemes, so the 3D password’s
main application domains are protecting critical systems and
resources.
Critical Servers:
Nuclear Reactors & military Facilities:
Airplanes and missile Guiding:
13. Applications
In addition,3D password can also be used in less critical
systems
A small virtual environment can be used in the following systems
like
Atm
Personal digital assistance
Desktop computers & laptops
Web authentication etc..,
14. Attacks and counter measures
Brute Force Attack
Well studied Attack
Shoulder--surfing Attack
15. Conclusion
The authentication can be improved with 3d password ,because
the un- authorized person may not interact with same object at
a particular location as the legitimate user.
It is difficult to crack ,because it has no fixed no of steps and a
particular procedure
Added with biometrics and token verification this schema
becomes almost unbreakable