COLOR LOCK: AGAINST PASSWORD ATTACKS
SUBMITTED BY: SREELEKSHMIA KRISHNA
S2 MSC
GUIDED BY: JISHA MISS (DEPARTMENT OF COMPUTER SCIENCE)
Security… Its own our finger !!
OUTLINE
• ABSTRACT
• LITERATURE REVIEW
• INTRODUCTION
• WHAT IT IS
• RECENT EVENTS
• WORKING
• USER INTERFACE
• OBJECTIVES
• METHODS
• APPLICATIONS
• CONCLUSION AND FUTURE PROSPECTS
ABSTRACT…!!
• The classical PIN entry mechanism is widely used for authenticating a user. It is a popular scheme because it nicely balances the usability and security aspects of a system.
• However, if this scheme is used in a public system, it may suffer from shoulder surfing attacks. In this attack, an unauthorized user can fully or partially observe the login session.
• The activities of the login session can even be recorded, and the attacker can use the recording later to get the actual PIN.
• In this paper, we propose an intelligent user interface, known as COLOR PASS, to resist the shoulder surfing attack so that any genuine user can enter the session PIN without disclosing the actual PIN.
• Traditional PIN-entry methods are vulnerable to a wide class of observation attacks such as brute force attacks, side channel attacks, etc.
• A number of alternative PIN-entry methods that are based on human cognitive skills have been proposed to date.
• These methods can be classified into two classes according to the information available to a passive adversary: fully observable and partially observable.
• Color Pass is based on a partially observable attacker model. The experimental analysis shows that the Color Pass interface is safe and easy to use even for novice users.
• Color password is widely known, but it is prone to shoulder surfing attacks, in which an attacker can record the login procedure of a user for an entire session and can retrieve the user's original PIN.
• In this paper, we propose an intelligent user interface, known as Color Lock, to resist password attacks so that any genuine user can enter the session PIN without disclosing the actual PIN.
• Color Lock is based on a partially observable attacker model. The experimental analysis shows that the Color Lock interface is safe and easy to use.
LITERATURE REVIEW….
• Mainly 3 related base papers
• In 2012, Yu-Chang Yeh proposed An Enhanced Simple Secure Remote Password Authentication Scheme without Using Cryptography, in which the user has to set a textual password and choose one icon among six icons as the start icon.
• During login, an on-screen keyboard and 5 color buttons, excluding white, are randomly displayed in an invisible matrix. The user has to find the background color of the running pass character. If the color is white, the user can click any button; otherwise the user has to click the button with the same color as the background color of the running pass string.
I. In 2013, Yi-Lun Chen et al. proposed A Simple Text-Based Shoulder Surfing Resistant Graphical Password Scheme using colors and text. During the registration phase, the user has to set a textual password and one color as the pass color. When the user requests to log in to the system, the system displays a circle composed of 8 equally sized sectors.
II. All the displayed characters can be simultaneously rotated by clicking the “clockwise” button or the “counterclockwise” button.
I. In 2014, Wei-Chi Ku et al. proposed An Enhanced Capture Attacks Resistant Text-Based Graphical Password Scheme, in which the user password includes a pass string and a pass color shape.
II. When the user requests to log in, it displays an on-screen keyboard. If the background color of the running pass string is not the same as the pass color shape, the user is asked to press any of the response buttons that have the same shape as the pass color shape, which reassigns the background color.
INTRODUCTION
• There are a large number of Internet users around the world.
• Our software applications deal with sensitive as well as private information, which must be protected from misuse by malicious users and their attacks.
• There are many authentication schemes available, among which password-based authentication is the most used as it is cost effective and secure.
• It is an intelligent user interface, known as COLOR PASS.
• It provides a one-time pass paradigm corresponding to four color PINs.
• It's easy to use and doesn't require any additional knowledge.
• This method has a drawback, as the user uses headphones to get the color values.
WHAT IT IS..?
• Color Pass is an intelligent user interface.
• It resists the shoulder surfing attack so that any genuine user can enter the session PIN without disclosing the actual PIN.
• With this technique we propose an improved text-based, shoulder-surfing-resistant numeric password (0-9) scheme that uses a color PIN entry mechanism resistant to shoulder surfing.
• Color Pass is based on a partially observable attacker model.
• The proposed work gives the password more security against shoulder surfing and accidental login.
• To ensure security, the attacker should not be able to guess the PIN just by seeing the responses.
• The user can easily and efficiently log in to the system.
RECENT EVENTS
• In the last year at IJAFRSE, one of the most research medium, a new concept called “COLOR LOCK TECHNOLOGY” was demonstrated.
• This technology has been developed by scientists of the Department of Computer Science & Engineering, Kaohsiung Institute of Technology, Canada.
WORKING..!!
• The proposed color methodology implements a one-time pass paradigm.
• The existing Color Pass provides the one-time pass paradigm corresponding to four color PINs, in which the user gets four challenges and enters a response to each challenge.
• It's easy to use and doesn't require any additional knowledge.
• This method has a drawback, as the user uses headphones to get the color values.
• It represents nine color tables, in which the user selects the color table according to the secret key generated through their handheld devices.
User Interface
• The traditional PIN entry mechanism is more user friendly.
• While implementing the user interface we have assigned unique colors.
• Only the two extreme keys in the bottom row are kept unused.
• The values obtained from the lookup table are entered in the user interface.
• Finally, only four values are entered.
User Interface for Entering Response
• The similarity between the keypads in color password and the classical PIN entry method makes our methodology more user friendly.
• Only the two extreme keys in the bottom row are kept unused.
• If the user chooses any four colors and receives the values 8 3 6 4, then, looking at the interface, the user will enter 5 2 7 1 using the keypad shown in the Entering Response table.
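A minimal model of the challenge-response flow described in the Working and User Interface slides, added here as an illustration and not code from the presentation or the Color Pass authors. The colour names, the table contents and the function names are assumptions (the slides give none of them), so it does not reproduce the 8 3 6 4 / 5 2 7 1 values above.

```python
import hmac
import secrets

# Assumption: ten colour names; the page does not list the colours it uses.
COLORS = ["red", "green", "blue", "yellow", "orange",
          "violet", "pink", "brown", "grey", "cyan"]
NUM_TABLES = 9  # the page describes nine colour tables


def build_tables(rng):
    """Constructed tables: table k gives every colour a distinct digit 0-9."""
    tables = {}
    for k in range(1, NUM_TABLES + 1):
        digits = list(range(10))
        rng.shuffle(digits)
        tables[k] = dict(zip(COLORS, digits))
    return tables


def new_challenge(rng, length=4):
    """Server side: one table number per PIN colour, sent over the private channel."""
    return [rng.randrange(1, NUM_TABLES + 1) for _ in range(length)]


def expected_response(tables, color_pin, challenge):
    """User side: look up the i-th PIN colour in the table named by challenge[i]."""
    return [tables[k][color] for color, k in zip(color_pin, challenge)]


def verify(tables, color_pin, challenge, typed):
    """Server side: accept only the response that matches this session's challenge."""
    if len(typed) != len(color_pin) or any(d not in range(10) for d in typed):
        return False
    expected = bytes(expected_response(tables, color_pin, challenge))
    return hmac.compare_digest(expected, bytes(typed))


if __name__ == "__main__":
    rng = secrets.SystemRandom()
    tables = build_tables(rng)
    pin = ["red", "blue", "pink", "cyan"]  # the four colours the user remembers
    first = new_challenge(rng)
    recorded = expected_response(tables, pin, first)  # what an onlooker sees typed
    print("session 1 response accepted:", verify(tables, pin, first, recorded))
    second = new_challenge(rng)
    # A recorded response passes a later session only if its digits happen to match again.
    print("replay accepted in session 2:", verify(tables, pin, second, recorded))
```

The typed digits depend on the hidden challenge as well as the colours, which is why the scheme assumes an attacker who sees the keypad but not the challenge channel.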
Objectives
• The main objective of this technique is to accomplish security.
• It is a more efficient password system against attacks like shoulder surfing or guessing the password.
• This scheme can be easily used by any type of user, which widens the scope of applicability of our scheme.
• The session passwords provide better security against brute force attacks, as the password changes for every session.
METHODS…
• Colour Lock technology is processed through some ways or methods. They are…
• CRYPTOLOGY
something secure, if you don’t know how to break it” - Marc Weber Tobias
Application
• First, the priority is to implement it on ATM machines, as they are public systems.
• In mobile pattern locks, using this system is more secure.
• In the military, it can be used to secure confidential data.
• In companies, it can be used to store secret data and all important information with maximum security.
CONCLUSION AND FUTURE WORK
• In this paper we have proposed a novel scheme to authenticate a user using color PINs.
• The scheme is known as the Color Lock scheme, which provides an intelligent interface for users to log in to a system in a public domain.
• In this scheme, the user remembers four colors as his PIN. The scheme works on the framework of a partially observable attacker model.
• From the security point of view, the scheme is quite robust against some possible attacks such as shoulder surfing, password guessing, side channel attacks, etc.
• From the usability point of view, the scheme is user friendly and takes very little time for login.
• The scheme can also be used by both math and non-math oriented people.
• The proposed methodology shows a significantly low error rate during the login procedure.
• In future we will explore how to extend this scheme to the fully observable attacker model.