Areas Of Discussion
• Authentication & their types.
• Knowledge Based Authentication.
• Token Based Authentication.
• Biometrics Authentication.
• Drawbacks.
• 3D Password.
• 3D Virtual Environment.
• Advantages & Application.
• Attacks & Countermeasures.
• Conclusion.
• References.
Authentication
Authentication is the process of validating that you are who you claim to be.
• Human authentication techniques are as follows:
1. Knowledge Based (What you know)
2. Token Based (What you have)
3. Biometrics (What you are)
Three Basic Identification Methods of password
Possession (“something I have”)
• Keys
• Passport
• Smart Card
Knowledge (“something I know”)
• Password
• PIN
Biometrics (“something I am”)
• Face
• Fingerprints
• Iris
Password
• A password is basically an encryption algorithm.
• It is 8-15 characters long, or slightly more.
• Most textual passwords in use today are very simple.
PASSPHRASE
• A passphrase is about 30-50 characters long or more, so it becomes hard to remember when it has to follow a proper sequence.
• It is the enhanced version of a password.
• It is a combination of words, or simply a collection of passwords in a proper sequence.
• It may also contain any well-known thought.
• The length of a passphrase is about 30-50 characters or more.
TOKEN BASED
A security token (or sometimes a hardware
token, authentication token, USB token, cryptographic
token, software token, virtual token) may be a physical
device that an authorized user of computer services is given
to ease authentication.
Token
• Disconnected Token
• Connected Token
• Contactless Token
• Single Sign-on Software Token
• Mobile Device Token
• Smart Card, Bluetooth
BIOMETRICS
Biometrics
• Refer to a broad range of technologies.
• Automate the identification or verification of an individual.
Based on human characteristics or body organs
Process
Percentage market share by type of biometric technology in 2003
PASSWORD
• How secure is your password?
With changing technology, fast processors and the many tools available on the Internet, cracking passwords has become child's play.
Ten years back, Klein performed such tests and could crack 10-15 passwords per day.
Token
• Involves additional costs, such as the cost of the token and any replacement fees.
• Users always need to carry the token with them.
• Users need multiple tokens for multiple Web sites and devices.
• Does not fully protect from man-in-the-middle attacks (i.e., attacks where an intruder intercepts a user's session and steals the user's credentials by acting as a proxy between the user and the authentication device without the user's knowledge).
BIOMETRICS
• Biometrics also has some drawbacks.
Suppose you select your fingerprint as your biometric. What do you do when you have a crack or wound on your finger?
Nowadays some hackers can even make an exact copy of your biometrics.
• 3D passwords are a more customizable and very interesting way of authentication.
• A 3D password is a multifactor authentication scheme that combines RECOGNITION + RECALL + TOKENS + BIOMETRICS in one authentication system.
• The 3D password presents a virtual environment containing various virtual objects.
• The user walks through the environment and interacts with the objects.
• The 3D password is the combination and sequence of user interactions that occur in the 3D environment.
• This is achieved by interacting only with the objects that acquire information the user is comfortable providing.
• It becomes much more difficult for the attacker to guess the user’s 3-D password.
Virtual objects
Virtual objects can be any object we encounter in real life:
• A computer on which the user can type.
• A fingerprint reader that requires the user's fingerprint.
• A paper or white board on which the user can type.
• An automated teller machine (ATM) that requires a token.
• A light that can be switched on/off.
• A television or radio where channels can be selected.
• A car that can be driven.
• A graphical password scheme.
• A biometric recognition device.
• A staple that can be punched.
• A book that can be moved from one place to another.
• Any real life object.
• Any upcoming authentication scheme.
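The following sketch is an added example, not code from the slides: it models a 3D password as the ordered sequence of interactions described above, stores it as a salted PBKDF2 hash, and counts how many sequences a brute-force search would face. The environment layout, object positions, value counts and function names are all constructed assumptions.

```python
import hashlib
import hmac
import json
import os

ITERATIONS = 100_000  # PBKDF2 work factor (assumed value for this example)

# Constructed sample environment: each object has a fixed (x, y, z) position and,
# per action, the number of distinct values that action can take.
# Biometric objects are left out: a fingerprint match is fuzzy and cannot be
# compared by exact hash the way the interactions below can.
ENVIRONMENT = {
    "computer":   {"pos": (2, 0, 5), "actions": {"type": 26 ** 4}},
    "light":      {"pos": (0, 3, 1), "actions": {"switch_on": 1, "switch_off": 1}},
    "television": {"pos": (7, 1, 2), "actions": {"select_channel": 50}},
    "book":       {"pos": (4, 1, 9), "actions": {"move": 8}},
}

# Constructed sample secret: an ordered list of (object, action, value) steps.
SECRET = [
    ("light", "switch_on", ""),
    ("computer", "type", "bhus"),
    ("television", "select_channel", 7),
    ("book", "move", 3),
]


def canonical(steps):
    """Serialize the steps in order; the order is part of the secret."""
    out = []
    for obj, action, value in steps:
        spec = ENVIRONMENT.get(obj)
        if spec is None or action not in spec["actions"]:
            raise ValueError(f"not possible in this environment: {obj}/{action}")
        # The object's position is included, binding the password to this layout.
        out.append([obj, list(spec["pos"]), action, str(value)])
    return json.dumps(out, separators=(",", ":")).encode("utf-8")


def enroll(steps):
    """Return (salt, digest) to store instead of the interaction sequence."""
    if not steps:
        raise ValueError("a 3D password needs at least one interaction")
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", canonical(steps), salt, ITERATIONS)


def verify(record, attempt):
    """Check an attempted sequence against the stored record."""
    salt, expected = record
    try:
        data = canonical(attempt)
    except ValueError:
        data = b"\x00invalid"  # still run the KDF so every reject costs the same
    got = hashlib.pbkdf2_hmac("sha256", data, salt, ITERATIONS)
    return hmac.compare_digest(got, expected)


def choices_per_step():
    """Number of distinct (object, action, value) interactions available."""
    return sum(n for spec in ENVIRONMENT.values() for n in spec["actions"].values())


def space_size(max_steps):
    """Count all sequences of 1..max_steps interactions a brute force must cover."""
    m = choices_per_step()
    return sum(m ** n for n in range(1, max_steps + 1))


if __name__ == "__main__":
    record = enroll(SECRET)
    print("correct sequence accepted:", verify(record, SECRET))
    print("same steps, reversed order:", verify(record, list(reversed(SECRET))))
    print("sequences of up to 4 steps:", space_size(4))
```

Because the sequence length is not fixed, the count grows with every extra permitted step, and adding objects or actions to the environment raises `choices_per_step()` for all of them.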
Snapshot of a proof-of-concept virtual art gallery, which contains 36 pictures and six computers
STATE DIAGRAM OF A 3D PASSWORD APPLICATION
3D VIRTUAL ENVIRONMENT
3D Virtual Environment
• The 3-D virtual environment affects the usability, effectiveness, and acceptability of a 3-D password system.
• The 3-D environment reflects the administration needs and the security requirements.
The design of 3D virtual environments should follow these guidelines:
• Real Life Similarity
• Object Uniqueness & Distinction
• 3D Virtual Environment Size
• Number of objects & their types
• System Importance
Advantages
• Flexibility
• Strength
• Ease to Memorize
• Respect of Privacy
Applications
The 3D password’s main application domains are protecting critical systems and resources.
• Critical Servers
• Nuclear Reactors & Military Facilities
• Airplanes and Missile Guiding
A small virtual environment can be used in systems such as:
• ATM
• Personal digital assistants
• Desktop computers & laptops
• Web authentication etc.
Attacks and Countermeasures
• Brute Force Attack
• Well Studied Attack
• Shoulder-surfing Attack
• Timing Attack
Brute Force Attack
The attacker has to try all possible 3D passwords. This kind of attack is very difficult for the following reasons:
• Time required to login.
• 3D attacks are very expensive.
Well Studied Attack
The attacker tries to find the highest probable distribution of
3D passwords. In order to launch such an attack, the attacker
has to acquire knowledge of the most probable 3D password
distributions. This is very difficult because the attacker has to
study all the existing authentication schemes that are used in
the 3D environment.
Moreover, a well studied attack is very hard to accomplish
since the attacker has to perform a customized attack for every
different 3D virtual environment design.
Shoulder-surfing Attack
An attacker uses a camera to record the user’s 3D password or
tries to watch the legitimate user while the 3D password is
being performed. This attack is the most successful type of
attack against 3D passwords and some other graphical
passwords. However, the user’s 3D password may contain
biometric data or textual passwords that cannot be seen from
behind. Therefore, we assume that the 3D password should be
performed in a secure place where a shoulder surfing attack
cannot be performed.
Timing Attack
In this attack, the attacker observes how long it takes the
legitimate user to perform a correct sign in using the 3D
password. This observation gives the attacker an
indication of the legitimate user’s 3D password length.
However, this kind of attack alone cannot be very
successful since it gives the attacker mere hints.
Therefore, it would probably be launched as part of a
well studied or brute force attack. Timing attacks can be
very effective if the 3D virtual environment is poorly
designed.
Conclusion
• Authentication can be improved with the 3D password, because an unauthorized person may not interact with the same object at a particular location as the legitimate user.
• It is difficult to crack, because it has no fixed number of steps and no particular procedure.
• Added with biometrics and token verification, this schema becomes almost unbreakable.
References
• X. Suo, Y. Zhu, and G. S. Owen, “Graphical passwords: A survey,” in Proc. 21st Annu. Comput. Security Appl. Conf., Dec. 5–9, 2005, pp. 463–472.
• D. V. Klein, “Foiling the cracker: A survey of, and improvement to passwords security,” in Proc. USENIX Security Workshop, 1990, pp. 5–14.
• T. Kitten, Keeping an Eye on the ATM. (2005, Jul. 11). [Online]. Available: ATMMarketPlace.com
• G. E. Blonder, “Graphical password,” U.S. Patent 5 559 961, Sep. 24, 1996.
• R. Dhamija and A. Perrig, “Déjà Vu: A user study using images for authentication,” in Proc. 9th USENIX Security Symp., Denver, CO, Aug. 2000, pp. 45–58.
3D Password M Sc BHU Sem 1

  • 43.  X. Suo, Y. Zhu, and G. S. Owen, “Graphical passwords: A survey,” in Proc. 21st Annu. Comput. Security Appl. Conf., Dec. 5–9, 2005, pp. 463–472. D. V. Klein, “Foiling the cracker: A survey of, and improvement to passwords security,” in Proc. USENIX Security Workshop, 1990, pp. 5–14. T. Kitten, Keeping an Eye on the ATM. (2005, Jul. 11). [Online]. Available: ATMMarketPlace.com G. E. Blonder, “Graphical password,” U.S. Patent 5 559 961, Sep. 24, 1996. R. Dhamija and A. Perrig, “Déjà Vu: A user study using images for authentication,” in Proc. 9th USINEX Security Symp., Denver, CO, Aug. 2000, pp. 45–58. References