3D-password A more secured authenticationG.Suresh babuRoll no:08H71A05C2Computer science & engineeringMic college of technologyGuide:Mrs A.Jaya Lakshmi
Contents• What is Authentication• Existing system• Drawbacks in existing system• Proposed system• Advantages with proposed system• Applications• Attacks• Conclusion
Authentication Authentication is a process of validating who are you to whom you claimed to be.• Human authentication techniques are as follows: 1.Knowledge Base (What you know) 2.Token Based(what you have) 3.Biometrics(what you are)
Three Basic Identification Methods of passwordPossession(“something I have”) Knowledge•Keys•Passport (“something I know”)•Smart Card •Password •PINBiometrics(“something I am”)•Face•Fingerprint•Iris
DrawbacksTextual Password: – Textual Passwords should be easy to remember at the same time hard to guess – Full password space for 8 characters consisting of both numbers and characters is 2 X 10¹⁴ – From an research 25% of the passwords out of 15,000 users can be guessed correctly by using brute force dictionaryGraphical Password One main drawback of applying biometric is its intrusiveness upon a users personnel characteristics. They require special scanning device to authenticate the user which is not acceptable for remote and internet users.
3d passwordThe 3D Password is a multifactor authentication scheme that combine RECOGNITION + RECALL +TOKENS +BIOMETRIC In one authentication system The 3D password presents a virtual environment containing variousvirtual objects. The user walks through the environment and interacts with theobjects The 3d Password is simply the combination and sequence of userinteractions that occur in the 3D environment
3D environmentSnapshot of a virtual environment , which contains 36pictures and six computers as virtual objects
Virtual objects• Virtual objects can be any object we encounter in real life: A computer on which the user can type A fingerprint reader that requires users fingerprint A paper or white board on which user can type A Automated teller(ATM) machine that requires a token A light that can be switched on/off A television or radio A car that can be driven A graphical password scheme
System implementation• The action towards an object that exists in location (x1,y1,z1) is different from action towards an another object at (x2,y2,z2).• Therefore ,to perform the legitimate 3d password the user must follow the same scenario performed by the legitimate user.• This means interacting with the same objects that reside at exact location and perform the exact actions in the proper sequence
example Let us consider a 3D virtual environment space of size G ×G × G.The 3D environment space is represented by the coordinates (x, y, z) ∈[1, . . . , G] ×[1, . . . , G] ×[1, . . . , G].The objects are distributed in the 3D virtual environment with unique (x,y, z) coordinates. We assume that the user can navigate into the 3Dvirtual environment and interact with the objects using any input devicesuch as a mouse, key board, fingerprint scanner, iris scanner, stylus, cardreader, and microphone.
For example, consider a user who navigates through the 3D virtualenvironment that consists of an office and a meeting room. Let us assume thatthe user is in the virtual office and the user turns around to the door located in(10, 24, 91) and opens it. Then, the user closes the door. The user then finds acomputer to the left, which exists in the position (4, 34, 18), and the user types“CAT.” The initial representation of user actions in the 3Dvirtual environmentcan be recorded as follows:: *(10, 24, 91) Action = Open the office door; *(10, 24, 91) Action = Close the office door; *(4, 34, 18) Action = Typing, “C”; *(4, 34, 18) Action = Typing, “A”; *(4, 34, 18) Action = Typing, “T”;
Advantages Flexibility: 3D Passwords allows Multifactor authentication biometric , textual passwords can be embedded in 3D password technology. Strength: This scenario provides almost unlimited passwords possibility. Ease to Memorize: can be remembered in the form of short story. Respect of Privacy: Organizers can select authentication schemes that respect users privacy.
Applications The 3D password can have a password space that is very largecompared to other authentication schemes, so the 3D password’s mainapplication domains are protecting critical systems and resources. Critical Servers: Nuclear Reactors & military Facilities: Airplanes and missile Guiding:
ApplicationsIn addition,3D password can also be used in less critical systemsA small virtual environment can be used in the following systems likeAtmPersonal digital assistanceDesktop computers & laptopsWeb authentication etc..,
Attacks and counter measures Brute Force Attack Well studied Attack Shoulder--surfing Attack
ConclusionThe authentication can be improved with 3d password ,because theun- authorized person may not interact with same object at a particularlocation as the legitimate user.It is difficult to crack ,because it has no fixed no of steps and aparticular procedureAdded with biometrics and token verification this schema becomesalmost unbreakable