3D-password

A more secured authentication

Bharat Kumar
Roll no:- 1473413012
Information Technology
REC, Banda
Guide:- Miss. Pragati Gupta
 Contents
What is Authentication
Existing system
Drawbacks in existing system
Proposed system
Advantages with proposed system
Applications
Attacks
Conclusion
 Authentication

Authentication is a process of validating who

are you to whom you claimed to be.

Human authentication techniques are as

follows:
Knowledge Base (What you know)
Token Based(what you have)
Biometrics(what you are)
Three Basic Identification Methods of
password
Possession
(something I have)
Knowledge
Keys (something I know)
Passport
Smart Card

Password
PIN

Biometrics
(something I am)

Face
Fingerprint
Iris
 Drawbacks
Textual Password:
Textual Passwords should be easy to remember
at the same time hard to guess
Full password space for 8 characters consisting
of both numbers and characters is 2 X 10
From an research 25% of the passwords out of
15,000 users can be guessed correctly by using
brute force dictionary
Graphical Password

One main drawback of applying biometric is its

intrusiveness upon a users personnel
characteristics.
 3d password
The 3D Password is a multifactor authentication
scheme that combine
RECOGNITION
+ RECALL
+TOKENS
+BIOMETRIC
In one authentication system
The 3D password presents a virtual environment
containing various virtual objects.

The user walks through the environment and interacts

with the objects
 3D Environment

Snapshot of a virtual environment , which contains 36

pictures and six computers as virtual objects
 Virtual objects
Virtual objects can be any object we encounter in real
life:
A computer on which the user can type
A fingerprint reader that requires users
fingerprint
A paper or white board on which user can type
A Automated teller(ATM) machine that
requires a token
A light that can be switched on/off
A television or radio
A car that can be driven
A graphical password scheme
 System implementation

The action towards an object that exists in location

(x1,y1,z1)
is different from action towards an another object
at (x2,y2,z2).
Therefore ,to perform the legitimate 3d password the
user must follow the same scenario performed by the
legitimate user.
This means interacting with the same objects that
reside at exact location and perform the exact actions in
the proper sequence
 Example

Let us consider a 3D virtual environment space of

size G G G. The 3D environment space is
represented by the coordinates (x, y, z) [1, . . . , G]
[1, . . . , G] [1, . . . , G].

The objects are distributed in the 3D virtual

environment with unique (x, y, z) coordinates. We
assume that the user can navigate into the 3D
virtual environment and interact with the objects
using any input device such as a mouse, key board,
fingerprint scanner, iris scanner, stylus, card reader,
and microphone.
 For example, consider a user who navigates through
the 3D virtual environment that consists of an office
and a meeting room. Let us assume that the user is in
the virtual office and the user turns around to the door
located in (10, 24, 91) and opens it. Then, the user
closes the door. The user then finds a computer to the
left, which exists in the position (4, 34, 18), and the
user types CAT. The initial representation of user
actions in the 3Dvirtual environment can be recorded
as follows::

*(10, 24, 91) Action = Open the office door;

*(10, 24, 91) Action = Close the office door;
*(4, 34, 18) Action = Typing, C;
*(4, 34, 18) Action = Typing, A;
*(4, 34, 18) Action = Typing, T;
 Advantages
Flexibility: 3D Passwords allows Multifactor
authentication biometric , textual passwords can be
embedded in 3D password technology.
Strength: This scenario provides almost unlimited
passwords possibility.
Ease to Memorize: can be remembered in the form
of short story.
Respect of Privacy: Organizers can select
authentication schemes that respect users privacy.
 Applications
The 3D password can have a password space that is
very large compared to other authentication schemes,
so the 3D passwords main application domains are
protecting critical systems and resources.

Critical Servers:

Nuclear Reactors & military Facilities:

Airplanes and missile Guiding:

 Applications
In addition,3D password can also be used in less
critical systems

A small virtual environment can be used in the

following systems like

ATM

Personal digital assistance

Desktop computers & laptops

Web authentication etc..,

 Attacks and counter measures

Brute Force Attack

Well studied Attack

Shoulder--surfing Attack
 Conclusion
The authentication can be improved with 3d
password ,because the un- authorized person may
not interact with same object at a particular
location as the legitimate user.

It is difficult to crack ,because it has no fixed no of

steps and a particular procedure

Added with biometrics and token verification this

schema becomes almost unbreakable