3d passwords


Published on

This ppt gives a perfect description about 3d passwords.There is not much known about it ,but i have tried my best to bring the most of the concepts to the front regarding this topic

Published in: Technology
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

3d passwords

  1. 1. 3-D Password Scheme<br />For more secure authentication<br />
  2. 2. Authentication<br />Authentication is a process of validating who are you to whom you claimed to be<br />Human authentication techniques are as follows:<br />Knowledge Base (What you know)<br />Token Based(what you have)<br />Biometrics(what you are)<br />Recognition Based(What you recognise)<br />
  3. 3. Common Authentication Techniques used in computer world<br />Textual Passwords(Recall Based)-:Recall what you have created before.<br />Graphical Passwords:<br /> (Recall Based+Recognition Based)<br />Biometric schemes <br />(fingerprints,voice recognition etc) <br />
  4. 4. Drawbacks<br />Textual Password:<br />Textual Passwords should be easy to remember at the same time hard to guess<br />Full password space for 8 characters consisting of both numbers and characters is 2 X 10¹⁴<br /> From an research 25% of the passwords out of 15,000 users can guessed correctly by using brute force dictionary<br />
  5. 5. Drawbacks<br />Graphical Password<br />Graphical passwords can be easily recorded as these schemes take a long time.<br />One main drawback of applying biometric is its intrusiveness upon a users personnel characteristics.<br />They require special scanning device to authenticate the user which is not acceptable for remote and internet users. <br />
  6. 6. 3D PASSWORD SCHEME<br />The 3D Password scheme is a new authentication scheme that combine <br />RECOGNITION<br /> + RECALL<br /> +TOKENS<br /> +BIOMETRIC<br />In one authentication system<br />
  7. 7. The 3D password presents a virtual environment containing various virtual objects.<br />The user walks through the environment and interacts with the objects <br />The 3d Password is simply the combination and sequence of user interactions that occur in the 3D environment <br />
  8. 8. 3D Password selection<br />Virtual objects can be any object we encounter in real life:<br /><ul><li>A computer on which the user can type
  9. 9. A fingerprint reader that requires users fingerprint
  10. 10. A paper or white board on which user can type
  11. 11. A Automated teller(ATM) machine that requires a token
  12. 12. A light that can be switched on/off
  13. 13. A television or radio
  14. 14. A car that can be driven
  15. 15. A graphical password scheme</li></li></ul><li>For EXAMPLE:<br /> Let us assume the user enters a virtual office then performs the following action:<br /><ul><li>(10,24,91) Action=Open office door
  16. 16. (10,24,91) Action=Close office door
  17. 17. (4,34,18) Action=Tpeine,”C”
  18. 18. (4,34,18) Action=Typing,”O”
  19. 19. (4,34,18)Action=Typing,”N”
  20. 20. (10,24,80)Action=Pick up the pen
  21. 21. (1,18,80)Action=Draw point=(330,130) </li></li></ul><li>
  22. 22.
  23. 23.
  24. 24. 3D Passwords Differentiators<br /><ul><li>Flexibility:3D Passwords allows Multifactor authentication biometric , textual passwords can be embedded in 3D password technology.
  25. 25. Strength: This scenario provides almost unlimited passwords possibility.
  26. 26. Ease to Memorize: can be remembered in the form of short story.
  27. 27. Respect of Privacy: Organizers can select authentication schemes that respect users privacy.</li></li></ul><li>3D Password Application Areas<br />Critical Servers<br />Nuclear and military Facilities<br />Airplanes and JetFighters<br />ATMs,Desktop and Laptop Logins, Web Authentication<br />
  28. 28. Attacks and Countermeasures<br />Brute Force Attack: The attack is very difficult because<br />Time required to login may vary form 20s to 2 min therefore it is very time consuming.<br />Cost of Attack: A 3D Virtual environment may contain biometric object ,the attacker has to forge all biometric information.<br />Well Studied Attack: Attacker tries to get the most probable distribution of 3D Password. This is difficult because attacker has to perform customized attack fo different virtual environment .<br />
  29. 29. Shoulder Surfing Attacks: Attacker uses camera to record the users 3D passwords.This attack is more succesful<br />Timing Attack: The Attacker observes how long it takes the legitimate user to perform correct log in using 3D Password.which gives an indication of 3-D Passwords length.This attack cannot be succesful since it gives the attacker mere hints.<br />
  30. 30. QUERIES ??...<br />