Professional Documents
Culture Documents
A Review On Secured Authentication Using 3D Password: M. Padmaja P.Manjula
A Review On Secured Authentication Using 3D Password: M. Padmaja P.Manjula
ABSTRACT
Users nowadays are provided with major password stereotypes such as textual passwords, biometric scanning, tokens
or cards (such as an ATM) etc .Mostly textual passwords follow an encryption algorithm as mentioned above.
Biometric scanning is your "natural" signature and Cards or Tokens prove your validity. But some people hate the
fact to carry around their cards, some refuse to undergo strong IR exposure to their retinas (Biometric scanning).
Mostly textual passwords, nowadays, are kept very simple say a word from the dictionary or their pet names,
girlfriends etc. Years back Klein performed such tests and he could crack 10-15 passwords per day. Now with the
technology change, fast processors and many tools on the Internet this has become a Child's Play.
Key words: Authentication, Multi-password, Quick Hull algorithm, Textual Passwords, 3-D Password, 3-D
Virtual Environment.
I. INTRODUCTION OF 3D PASSWORD
The authentication system which we are using is mainly very light or very strict. Since many years it has
become an interesting approach. With the development in means of technology, it has become very easy for
'others to hack someones password. Therefore many algorithms have come up each with an interesting
approach toward calculation of a secret key. The algorithms are such based to pick a random number in the
range of 10^6 and therefore the possibilities of the sane number coming is rare. We are provided with many
password types such as textual passwords, biometric scanning, tokens or cards (such as an ATM) etc. But
there are many weaknesses in current authentication systems. When a person uses textual passwords, he
likely chooses meaningful words from dictionary or their nick names, girlfriends etc which can be cracked
easily. And if a password is hard to guess then it is hard to remember also. Users face difficulty in
remembering a long and random appearing password and because of that they create small, simple, and
insecure passwords that are easy to attack. Graphical passwords can also be used. Their strength comes from
the fact that users can recall and recognize pictures more than words. Token based systems can also be used
as way of authentication in banking systems and for entrance in laboratories. But smart cards or tokens are
susceptible to loss or theft. Biometric scanning is your "natural" signature and Cards or Tokens prove your
validity.
Ideally there are two types of Authentication schemes are available according to nature of scheme &
techniques used, those types are
1) Recall based:
In this authentication tech. user need to recall or remember his/her password which is created before [1].
Knowledge based authentication is a part of this technique, E.g. Textual password, graphical password etc.
this technique is commonly used all over the world where security needed.
2) Recognition based:
In this user need to identify, recognize password created before. Recognition based authentication can be
used in graphical password. Generally this technique is not use much more as Recall based is used. Still
December 2016 Inside Journal (www.insidejournal.org) Page | 121
Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research
both recall based & recognition based authentication techniques having some drawbacks & limitations when
they are used separately or used single authentication scheme at a time. To overcome these drawbacks &
limitations of previously existing authentication schemes. We have introduced a new authentication scheme
which is based on previously existing schemes. This authentication scheme is based on combination of
passwords called as 3D Password. Which is a multifactor scheme uses combination of above discussed
scheme as well as biometric & many other schemes [1]. All these schemes are implemented in virtual 3D
environment while creating 3d Password. Where this environment contain various virtual objects through
which user interacts with. The interaction with 3D environment changes as per user changes. The 3-D
password is constructed by observing the actions and interactions of the user and by observing the
sequences of such actions [2] [3] [5].
Graphical Passwords
A graphical password is an authentication system that works by having the user select from images, in a
specific order, presented in a graphical user interface (GUI). For this reason, the graphical-
password approach is sometimes called graphical user authentication (GUA). Graphical passwords may
offer better security than text-based passwords because many people, in an attempt to memorize text-based
passwords, use plain words (rather than the recommended jumble of characters). A dictionary search can
often hit on a password and allow a hacker to gain entry into a system in seconds. But if a series of
selectable images is used on successive screen pages, and if there are many images on each page, a hacker
must try every possible combination at random. If there are 100 images on each of the 8 pages in an 8-
image password, there are 1008, or 10 quadrillion (10,000,000,000,000,000), possible combinations that
could form the graphical password! If the system has a built-in delay of only 0.1 second following the
selection of each image until the presentation of the next page, it would take (on average) millions of years
to break into the system by hitting it with random image sequences.
Biometrics
Biometrics is the measurement and statistical analysis of people's physical and behavioral characteristics.
The technology is mainly used for identification and access control, or for identifying individuals that are
under surveillance. The basic premise of biometric authentication is that everyone is unique and an
individual can be identified by his or her intrinsic physical or behavioral traits. Authentication
by biometric verification is becoming increasingly common in corporate and public security systems,
consumer electronics, and point-of-sale applications. In addition to security, the driving force behind
biometric verification has been convenience, as there are no passwords to remember or security tokens to
carry. Measuring someones gait doesnt even require a contact with the person.
Biometric devices, such as fingerprint readers, consist of:
A reader or scanning device.
Software that converts the scanned information into digital form and compares match points.
A database that stores the biometric data for comparison.
II.PROPOSED SYSTEM
Proposed authentication scheme is combination of many other authentication schemes together. 3D
password is combination of both recall-based (i.e. textual password, etc) & recognition based (i.e. graphical
password, biometrics, etc). So that 3D password is multifactor & multi password authentication scheme. For
authentication with 3D password a new virtual environment is introduced called as 3D virtual environment
where user navigate , moving in 3D virtual environment to create a password which is based on both the
schemes. We dont use biometric scheme because biometric having some major drawbacks (like h/w cost is
more) So that we have not included biometric authentication in our 3D password scheme. Because biometric
authentication is efficient over shoulder surfing attacks. But other attacks are venerable & easy on biometric
authentication. Also inclusion of biometric may leads to increasing the cost of scheme & more hardware
parts needed. .
B.DISADVANTAGES
1. Difficult for blind people to use this technology.
2. Requires sophisticated computer technology.
3. Expensive.
4. A lot of program coding is required.
Currently available schemes include textual password and graphical password .But both are vulnerable to
certain attacks. Moreover, there are many authentication schemes that are currently under study and they
may require additional time and effort to be applicable for commercial use [1]. The 3-D password is a
multifactor & multi password authentication scheme that combines these various authentication schemes.
The virtual environment can contain any existing authentication scheme or even any upcoming
authentication schemes. Due to which passwords space increases. It is the users choice and decision to
construct the desired and preferred 3-D password. The 3D password is still new & in its early stages [1].
Designing various kinds of 3-D virtual environments, deciding on password spaces, and interpreting user
feedback and experiences from such environments will result in enhancing.
REFERENCES
[1] Alsulaiman, F.A.; El Saddik, A., "Three- for Secure," IEEE Transactions on Instrumentation and
measurement, vol.57, no.9, pp 1929-1938.Sept. 2008.
[2] Vidya Mhaske et al, Int.J.Computer Technology & Applications, Vol 3 (2), ISSN: 2229-6093, 510-519.
[3] Tejal Kognule and Yugandhara Thumbre and Snehal Kognule, 3D password International Journal of
December 2016 Inside Journal (www.insidejournal.org) Page | 125
Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research