558 120127064951-phpapp01


Published on


Published in: Healthcare, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

558 120127064951-phpapp01

  1. 1. Presented by: M.Bhargavi 08Q61A0558
  2. 2.  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion
  3. 3.  How about text-based passwords ? ◦ Difficulty of remembering passwords  easy to remember -> easy to guess  hard to guess -> hard to remember ◦ Users tend to write passwords down or use the same passwords for different accounts  An alternative: Graphical Passwords ◦ Psychological studies: Human can remember pictures better than text
  4. 4.  If the number of possible pictures is sufficiently large, the possible password space may exceed that of text-based schemes, thus offer better resistance to dictionary attacks.  can be used to: ◦ workstation ◦ web log-in application ◦ ATM machines ◦ mobile devices
  5. 5.  Conduct a comprehensive survey of the existing graphical password techniques  Discuss the strengths and limitations of each method  Point out future research directions
  6. 6.  Token based authentication ◦ key cards, band cards, smart card, …  Biometric based authentication ◦ Fingerprints, iris scan, facial recognition, …  Knowledge based authentication ◦ text-based passwords, picture-based passwords, … ◦ most widely used authentication techeniques
  7. 7.  Recognition Based Techniques ◦ a user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage  Recall Based Techniques ◦ A user is asked to reproduce something that he created or selected earlier during the registration stage
  8. 8.  Dhamija and Perrig Scheme Pick several pictures out of many choices, identify them later in authentication. ◦ using Hash Visualization, which, given a seed, automatically generate a set of pictures ◦ take longer to create graphical passwords password space: N!/K! (N-K)! ( N-total number of pictures; K-number of pictures selected as passwords)
  9. 9.  Sobrado and Birget Scheme System display a number of pass-objects (pre-selected by user) among many other objects, user click inside the convex hull bounded by pass- objects. ◦ authors suggeated using 1000 objects, which makes the display very crowed and the objects almost indistinguishable. password space: N!/K! (N-K)! ( N-total number of picture objects; K-number of pre-registered objects)
  10. 10.  Other Schemes Using human faces as password Select a sequence of images as password
  11. 11.  Draw-A-Secret (DAS) Scheme User draws a simple picture on a 2D grid, the coordinates of the grids occupied by the picture are stored in the order of drawing  redrawing has to touch the same grids in the same sequence in authentication  user studies showed the drawing sequences is hard to Remember
  12. 12.  “PassPoint” Scheme User click on any place on an image to create a password. A tolerance around each chosen pixel is calculated. In order to be authenticated, user must click within the tolerances in correct sequence.  can be hard to remember the sequences Password Space: N^K ( N -the number of pixels or smallest units of a picture, K - the number of Point to be clicked on )
  13. 13.  Other Schemes Grid Selection Scheme Signature Scheme
  14. 14. Using distorted images to prevent revealing of passwords Using images with random tracks of geometric graphical shapes
  15. 15.  Is a graphical password as secure as text-based passwords? ◦ text-based passwords have a password space of 94^N (94 – number of printable characters, N- length of passwords). Some graphical password techniques can compete: Draw-A-Secret Scheme, PassPoint Scheme. ◦ Brute force search / Dictionary attacks The attack programs need to automatically generate accurate mouse motion to imitate human input, which is more difficult compared to text passwords. ◦ Guessing ◦ Social engineering ◦ …
  16. 16.  Pictures are easier to remember than text strings  Password registration and log-in process take too long  Require much more storage space than text based passwords
  17. 17.  main argument for graphical passwords: people are better at memorizing graphical passwords than text- based passwords  It is more difficult to break graphical passwords using the traditional attack methods such as:burte force search, dictionary attack or spyware.  Not yet widely used, current graphical password techniques are still immature