GOVERNMENT OF KARNATAKA

DEPARTMENT OF COLLEGIATE AND TECHNICAL EDUCATION

GOVERNMENT ENGINEERING COLLEGE, HAVERI-581110

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
A

TECHNICAL SEMINAR REPORT

ON

“3-D PASSWORD”

Submitted in the Partial Fulfillment for the Degree of

BACHELOR OF ENGINEERING

IN

COMPUTER SCIENCE AND ENGINEERING

Submitted By
MOOLIMANI RAJESHWARI 2GO20CS027

Under the guidance of

Asst. Prof. Shivaraj H Mali

Dept. of CSE, GEC Haveri

VISVESVARAYA TECHNOLOGICAL UNIVERSITY, BELAGAVI

[2023-2024]
 GOVERNMENT OF KARNATAKA

DEPARTMENT OF COLLEGIATE AND TECHNICAL EDUCATION

GOVERNMENT ENGINEERING COLLEGE DEVAGIRI, HAVERI

(Affiliated to Visvesvaraya Technological University)

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Certificate
This is to certify that the Technical Seminar report entitled “3-D PASSWORD” carried out
by Moolimani Rajeshwari, 2G020CS027, are bonafide student of Government Engineering
College, Haveri in partial fulfillment for the award of Bachelor of Engineering in Computer
Science and Engineering of the Visvesvaraya Technological University, Belagavi during the year
2022-2023. The technical seminar report has been approved as it satisfies the academic requirements
in respect of Technical seminar report prescribed for the said Degree.

Signature of Guide Signature of HOD Signature of Principal

 ACKNOWLEDGEMENT
The sense of contentment and elation that accomplishes the successful of completion
of our task would be incomplete without mentioning the names of the people who helped in
accomplishment of this technical seminar, whose constant guidance, support and
encouragement resulted in its realization.

We would greatly mention the enthusiastic influence provided by Asst. Prof. Shivaraj H Mali
Seminar Guide, for their ideas and co-operation showed on us during venture and making this
project a great success.

I express my sincere thanks to my technical seminar coordinator Prof. Mrs. Ratna, for his valuable
guidance and kind supervision.

I would greatly mention the enthusiastic influence provided by to Prof. Nityananda, HOD,
Department of Computer Science and Engineering, Project Guide, for their ideas and
cooperation showed on us during venture and making this project a great success.

I take this opportunity to the Principal, Dr Jagadish Kori, GEC HAVERI, for being kind
enough to provide us an opportunity to work on a project in this institution.

I also extend our thanks to all the faculty members of Computer Science Department, GEC
Haveri, who have encouraged us throughout the course of bachelor engineering.

MOOLIMANI RAJESHWARI

2GO20CS027
 TABLE OF CONTENTS
Title Page no

Chapter 1: Introduction 1-2

Chapter 2: Literature Review 3-4

Chapter 3: Relevance of Technology 5-7

3.1 Existing System

3.2 Proposed System

3.3 Advantages

3.4 Disadvantages

Chapter 4: System Architecture 8-9

Chapter 5: Methodology 10-11

Chapter 6: Application 12

Conclusion 13

References 14

TABLE OF FIGURES
Figure Names Page No
Fig 1: Multi-Password authentication scheme 5

Fig 2: Snapshot of 3-D environment 6

Fig 3: System Architecture 8

Fig 4:VIisual image of 3-D Password 9

Fig 4: Snapshot on art gallery 10

 ABSTRACT
Current authentication systems suffer from many weaknesses. Textual passwords are
commonly used; however, users do not follow their requirements. Users tend to choose
meaningful words from dictionaries, which make textual passwords easy to break and
vulnerable to dictionary or brute force attacks. Many available graphical passwords
have a password space that is less than or equal to the textual password space. Smart
cards or tokens can be stolen. Many biometric authentications have been proposed;
however, users tend to resist using biometrics because of their intrusiveness and the
effect on their privacy. Moreover, biometrics cannot be revoked. In this paper, we
present and evaluate our contribution, i.e., the 3-D password. The 3-D password is a
multifactor authentication scheme. To be authenticated, we present a 3-D virtual
environment where the user navigates and interacts with various objects. The sequence
of actions and interactions toward the objects inside the 3-D environment constructs
the user’s 3-D password. The 3-D password can combine most existing authentication
schemes such as textual passwords, graphical passwords, and various types of
biometrics into a 3-D virtual environment. The design of the 3-D virtual environment
and the type of objects selected determine the 3-D password key space.
 3-D PASSWORD

CHAPTER 1

INTRODUCTION

Authentication is the most basic and important service provided to various systems to provide
security using various authentication schemes. A system should only be used the authorized
users to protect the system. There are many authentication schemes available to provide
security to the systems. There are basically two types of authentication schemes available.
They are: Recall Based, Recognition based.

• Recall Based: Recall Based authentication technique is a technique where a user has to
remember the credentials that he/she has created earlier during the registration or signup. It
includes knowledge-based technique is the part of it. For example: Textual Passwords,
graphical passwords etc. Textual passwords are the most used authentication technique
worldwide.

• Recognition Based: Recognition based authentication technique is a technique where a user

recognizes the password created before. It includes various authentication schemes such as:
iris recognition, face recognition, finger prints etc. There are various authentication schemes
available but still they have drawbacks if they are used separately. Some of the drawbacks
of them are: in case of textual passwords, users generally use similar kind of texts like name,
date of birth, or simple dictionary words. These passwords can be cracked easily using Brute
force attack, where hacker or unauthorized personnel tries to crack the password using
various dictionary words. To overcome these issues a new authentication scheme is
introduced called “3D Password” which is the combination of previously existing
authentication techniques.

3D password is an authentication scheme which includes various combinations already

available authentication schemes. This makes it multifactor authentication scheme. These
already available authentication schemes are combined in a 3D virtual environment to create
3D password. The virtual environment contains various real time objects. The user interacts
with the objects present in the virtual environment and according to the interaction patterns

Dept of CSE,GEC,Haveri 2023-24 Page 1

 3-D PASSWORD
the 3D password is generated. As different user’s behavior will be different and so that the
interacting pattern differs. Therefore, different user’s will be having different passwords and
it has very few chances to be same.

Dept of CSE,GEC,Haveri 2023-24 Page 2

 3-D PASSWORD

CHAPTER 2

LITERATURE REVIEW
Dhatri Raval, in her paper explains about the various already available password
authentication schemes such as knowledge based, token based, recognition based, biometrics
based.[1] Parul, Neetu Verma, in their paper discuss about the drawbacks of the already
available authentication schemes. They explained that people use textual passwords which are
easy to remember and they can be cracked easily using Brute force attacks. [2] Nayana S, Dr.
Niranjanamurthy, Dr. Dharmendra Chahar, in their paper explains about the advantages and
disadvantages of the 3D password. They explained that the 3D password is better than the other
existing authentication systems but on the other hand it is expensive.[3] Tejal M. Kognule,
Monica G. Gole, Priyanka T. Dabade, Sagar B. Gawade, in their paper explains about the
objects inside the 3D virtual environment. They found that the objects must be clearly visible
and identical to each other. [4] Mrs Ashwini B P, Ms Bhumika J, Ms Chinmayee T S, Mr. G M
Akshay Bhat, Mr Naveen Kumar N, in their paper explain about the goals of the 3D password
scheme. They explained that the 3D password must be the combination of both recall-based
and recognition-based authentication techniques and these are not easy as to write on paper as
they are coordinates. [5] Ganesh Jairam Rajguru, in his paper he focuses on how the 3D
password can be generated. And how they can be represented on a 2D screen.[6] Parag Vade,
Vaidehi Rahangdale, Saurabh Veer, in their paper focuses on the mathematical concepts related
to 3D password scheme. They discuss on the time complexity, space complexity and the class
problem related to the 3D password. [7] Sahana R. Gadagkar, Aditya Pawaskar, Mrs Ranjeeta
B. Pandhare, in their paper discuss about the design of the 3D environment. They also
discussed about the length of the 3D password based on the design of the system. [8] Anagha
Kelkar, Komal Mukadam, in their paper discussed about the devices required to develop the 3
D password authentication systems. They mostly focussed on the input devices through which
the user interacts the 3 D environment. [9] P.K. Dhanya, M. Keerthiga, S Dinakar, in their paper
discussed on the various attacks that are being done on the already available authentication
schemes. They explained about Brute force attack, timing attacks, well studied attacks etc. [10]
There are many authentication schemes already available. They are knowledge based (textual

Dept of CSE,GEC,Haveri 2023-24 Page 3

 3-D PASSWORD
password), token based (ATMs, credit cards), biometric based (thumb impression, iris
recognition), graphical passwords, face recognitions. These all authentication schemes are used
implemented separately on various systems for the security purposes. There are various attacks
through which these authentication schemes can be broken which can lead to huge loss of
information or data. 3D password is the combination of recallbased and recognition-based
authentication systems. By having the combination of various authentication schemes, it
becomes multi-factor and multi-password authentication schemes. 3D password’s main
component is 3D virtual environment. The 3D virtual environment is interactive and contain
various real-life objects through which the user interacts. The 3D password is generated by
noticing the sequence of the interactions and then stored in encrypted form.

Dept of CSE,GEC,Haveri 2023-24 Page 4

 3-D PASSWORD

CHAPTER 3

RELEVANCE OF TECHNOLOGY

3.1 EXISTING SYSTEM

Problems with the existing system Existing authentication schemes have some drawback like
keystroke tracking. Textual password is hard to remember and it can be guessed correctly
by using brute force attack. Where 3-D passwords are flexible as they provide unlimited
passwords possibility.
Graphical passwords can be easily recognize and it is affected by shoulder surfing attacks.
Timing attacks is based on how much time required completing successful login using 3-D
password. Well studied attack is also a problem in 3D password. in this attacker has to study
whole password scheme.

3.2 PROPOSED SYSTEM

Proposed System 3D password is the combination of both the authentication schemes together.
This scheme combines both recall-based (for example: textual passwords) and
recognitionbased (for example: graphical passwords). This is how it becomes multi password and
multi factor authentication scheme.

FIG 1: 3D Password as multi-factor and multi-password authentication scheme

Dept of CSE,GEC,Haveri 2023-24 Page 5

 3-D PASSWORD
3D password introduces a new virtual environment called 3D virtual environment. In this
virtual environment the user navigates and thus the password is generated by noticing the
navigation sequence of the users. Here biometric authentication schemes are not used mostly.

Biometrics includes higher costs than other authentication schemes and is efficient for the
shoulder surfing attacks. In other attacks biometrics are more vulnerable than other techniques.
© 2021 JETIR June 2021, Volume 8, Issue 6 www.jetir.org (ISSN-2349-5162) JETIR2106310
Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org c282 In 3D
password scheme the combination of various authentication schemes depends on the interest
of the user. The user has choice to select the combination and the authentication scheme is
developed on that choice.

FIG 2: shows the snapshot of a 3D virtual environment.

The virtual environment can be created based on any real-time environment like office, gallery
etc. The 3D virtual environment are made interactive so the user can interact with the objects
in the virtual environment and create his/her 3D password.

3.3 ADVANTAGES OF 3-D PASSWORD

Compare to text & graphical password 3D password is more secure.
1. It provides user options to choose the type of authentication of his/her own choice.

• There are number of options available for users to choose sequence of own choice.
• In 3D password user can build a sequence which is easier for him to remember.

Dept of CSE,GEC,Haveri 2023-24 Page 6

 3-D PASSWORD
2. It eliminates a brute force attack.
• All data and critical information like passwords are stored in encrypted manner so it’s
difficult for brute force attack to crack it.

• In 3D password combination of recognition and recall base are using so it is difficult.

3. Provides high level security to the system which contains more important data.
• Its provide hide securities to data using multi factors and multiple technique to
protect data.
4. Secure against a software like key logger.

• Software like key logger installed in a system it’s difficult to secure your data these
types software’s are stored all text which are pass through thkeyboard. In 3D
password graphical password is also use for authentication.

3.4 DISADVANTAGES OF 3-D PASSWORD

1. Shoulder attack.
• Attackers observe the user from back shoulder than easily break their
authentication.
2. More Time and memory.
• To use 3D password its require more time and memory chunk because 3D
password need more space to store in database.
3. It’s Expensive.
• 3D Password is more expensive compare to other authentication technique.
4. Complexity.
• 3D password is more complexity in coding.

Dept of CSE,GEC,Haveri 2023-24 Page 7

 3-D PASSWORD

CHAPTER 4

SYSTEM ARCHITECTURE

FIG 3: System Architecture

Dept of CSE,GEC,Haveri 2023-24 Page 8

 3-D PASSWORD

FIG 4:VISUAL IMAGE3-D PASSWORD

Dept of CSE,GEC,Haveri 2023-24 Page 9

 3-D PASSWORD

CHAPTER 5

METHODOLOGY

3-D PASSWORD SELECTION AND INPUTS

Let us consider a 3-D virtual environment space of size G x G x G. The 3-D environment
space is represented by the coordinates (x, y, z) Є [1, . . . , G] x [1, . . . , G] x [1, . . . , G]. The
objects are distributed in the 3-D virtual environment with unique (x, y, z) coordinates. We
assume that the user can navigate into the 3-D virtual environment and interact with the
objects using any input device such as a mouse, keyboard, fingerprint scanner, iris scanner,
stylus, card reader, and microphone. We consider the sequence of those actions and
interactions using the previous input devices as the user’s 3-D password.

FIG 5: (a) Snapshot of a proof-of-concept 3-D virtual environment, where the user is typing a
textual password on a virtual computer as a part of the user’s 3-D password. (b)Snapshot of a
proof- of-concept virtual art gallery, which contains 36 pictures and six computers

THE WORKING PRINCIPLE

The 3-D password is a multifactor authentication scheme. The 3-D password presents a 3-D
virtual environment containing various virtual objects. The user navigates through this

Dept of CSE,GEC,Haveri 2023-24 Page 10

 3-D PASSWORD
environment and interacts with the objects. The 3-D password is simply the combination and
the sequence of user interactions that occur in the 3-D virtual environment. The 3-D password
can combine recognition-, recall-, token-, and biometrics-based systems into one authentication
scheme. This can be done by designing a 3-D virtual environment that contains objects that
request information to be recalled, information to be recognized, tokens to be presented,
and biometrical data to be verified. For example, the user can enter the virtual environment
and type something on a computer that exists in (x1, y1, z1) position, then enter a room that has
a fingerprint recognition device that exists in a position (x2, y2, z2) and provide his/her
fingerprint. Then, the user can go to the virtual garage, open the car door, and turn on the radio
to a specific channel. The combination and the sequence of the previous actions toward the
specific objects construct the user’s 3-D password.

Virtual objects can be any object that we encounter in real life. Any obvious actions and
interactions toward the real-life objects can be done in the virtual 3-D environment toward the
virtual objects. Moreover, any user input (such as speaking in a specific location) in the virtual
3-D environment can be considered as a part of the 3-D password. We can have the following
objects:
1. A computer with which the user can type;
2. A fingerprint reader that requires the user’s fingerprint;
3. A biometrical recognition device;
4. A paper or a white board that a user can write, sign, or Draw on;
5. An automated teller machine (ATM) that requests a token;
6. A light that can be switched on/off;
7. A television or radio where channels can be selected;
8. A staple that can be punched;
9. A car that can be driven;
10. A book that can be moved from one place to another;
11. Any graphical password scheme;
12. Any real-life object;.

Dept of CSE,GEC,Haveri 2023-24 Page 11

 3-D PASSWORD

CHAPTER 6

APPLICATION

Because a 3-D password can have a password space that is very large compared to other
authentication schemes, the 3-D password’s main application domains are protecting critical
systems and resources. Possible critical applications include the following.
1. Critical servers: Many large organizations have critical servers that are usually
protected by a textual password. A 3-D password authentication proposes a sound
replacement for a textual password. Moreover, entrances to such locations are usually
protected by access cards and sometimes PIN numbers. Therefore, a 3-D password can
be used to protect the entrance to such locations and protect the usage of such servers.
2. Nuclear and military facilities: Such facilities should be protected by the most
powerful authentication systems. The 3-D password has a very large probable
password space, and since it can contain token-, biometrics-, recognition-, and
knowledge-based authentications in a single authentication system, it is a sound choice
for high level security locations.
3. Airplanes and jetfighters: Because of the possible threat of misusing airplanes and
jetfighters for religion-political agendas, usage of such airplanes should be protected
by a powerful authentication system. The 3-D password is recommended for these
systems.
In addition, 3-D passwords can be used in less critical systems because the 3-D virtual
environment can be designed to fit any system’s needs. A small 3-D virtual environment can
be used in many systems, including the following:
1. ATMs;
2. Personal digital assistants;
3. Desktop computers and laptop logins;
4. Web authentication.

Dept of CSE,GEC,Haveri 2023-24 Page 12

 3-D PASSWORD

CONCLUSION

Currently there are many authentication systems available. Some of them are based on the
users’ behaviour, while some of them are based on users’ knowledge. All of them are used
separately. Being used separately the systems becomes vulnerable to the attackers. The
attackers can get to know the textual passwords through Brute force attacks. This may cause
a huge loss to the users. The 3D password is the multi-factor and multi-password
authentication scheme which can combine all the already available authentication schemes.
Its most basic component is the 3D virtual environment. The 3D virtual environment contains
unique and distinct real-time objects on which the user interacts and generates the password.
The password is generated by noticing the coordinates of the sequence of interactions in the
text file. The text file then encrypts and after that gets stored in the database.

Dept of CSE,GEC,Haveri 2023-24 Page 13

 3-D PASSWORD

REFERENCES

[1] X. Suo, Y. Zhu, and G. S. Owen, “Graphical passwords: A survey,” in Proc. 21st Annu.
Comput. Security Appl. Conf., Dec. 5–9, 2005, pp. 463–472.

[2] D. V. Klein, “Foiling the cracker: A survey of, and improvement to passwords security,”
in Proc. USENIX Security Workshop, 1990, pp. 5–14. Authorized licensed use limited
to: IEEE Xplore. downloaded on March 5, 2009 at 02:38 from IEEE Xplore.
Restrictions apply. 1938 IEEE TRANSACTIONS ON INSTRUMENTATION AND
MEASUREMENT, VOL. 57, NO. 9, SEPTEMBER 2008
[3] NBC news, ATM Fraud: Banking on Your Money, Dateline Hidden Cameras Show

Criminals Owning ATMs, Dec. 11, 2003.

[4] BBC news, Cash Machine Fraud up, Say Banks, Nov. 4, 2006.

[5] G. E. Blonder, “Graphical password,” U.S. Patent 5 559 961, Sep. 24, 1996.

[6] R. Dhamija and A. Perrig, “Déjà Vu: A user study using images for authentication,” in
Proc.
9th USINEX Security Symp., Denver, CO, Aug. 2000, pp. 45–58.

[7] Real User Corporation, The Science Behind Passfaces. (2005, Oct.). [Online].
Available:

http://www.realusers.com

Dept of CSE,GEC,Haveri 2023-24 Page 14