Technical Seminar on 3D Password

PRESENTED BY K.NIHARIKA
ROLLNO:- 18641A0522
VAAGDEVI COLLEGE OF ENGINEERING

Under the guidance of

Mrs.P.Shailaja madam
3D Password
 3D Password

• A 3D password is a multifactor
authentication scheme that
combine

RECOGNITION
+RECALL
+TOKENS
+BIOMETRICS

in one authentication system.

 INTRODUCTION
• The 3-D password is a multifactor authentication scheme.
• It can combine all existing authentication schemes into a single 3-D virtual
environment.
• This 3-D virtual environment contains several objects or items with which the user can
interact.
• The type of interaction varies from one item to another.
• The 3-D password is constructed by observing the actions and interactions of the user
and by observing the sequences of such actions.
Why?

• Access to any system it is most often based on the use of textual or alphanumeric
passwords. However, mostly end users have difficulty to remembering a password
that is long and random-appearing.
• Instead, they generally use short, simple, and insecure passwords. Graphical
passwords can be designed to try to make passwords more memorable and easier
for the end users to use and, therefore, system will be more secure.
• Using a graphical password or 3D password, users click on images rather than
type alphanumeric characters.
 Human Authentication Techniques - Classification
Textual Password

Existing System Knowledge Based

What you KNOW
Graphical Password

ATM cards

Token Based-What Keys

Human you HAVE
Authentication
techniques
ID Cards

Fingerprints, Palmprints

Hand geometry
Biometrics - What you
ARE
Face, Iris, Voice, Retina
recognition
 BRIEF DESCRIPTION OF SYSTEM

• The 3D password presents a virtual environment containing various

virtual objects.

• The user walks through the environment and interacts with the objects.

• It is the combination and sequence of user interactions that occur in the

3D environment.
• The user is presented with this 3d virtual environment where the user navigates and
interacts with various objects.

• The sequence of actions and interactions towards the objects inside the 3d
environment constructs the user’s 3d password.
 System Implementation
• For example, the user can enter the virtual environment and type something on a
computer that exists in (x1 , y1 , z1 ) position
• then enter a room that has a fingerprint recognition device that exists in a position (x2
, y2 , z2 ) and provide his/her fingerprint.
• Then, the user can go to the virtual garage, open the car door, and turn on the radio to
a specific channel.
• The combination and the sequence of the previous actions toward the specific objects
construct the user’s 3D password.
 Virtual objects
Virtual objects can be any object we encounter in real life:
• A computer on which the user can type in
• A fingerprint reader that requires users fingerprint
• A paper or white board on which user can type
• An Automated teller(ATM) machine that requires a token
• A light that can be switched on/off
• A television or radio
• A car that can be driven
• A graphical password scheme
 3D Virtual Environment
• 3-D virtual environment affects the usability, effectiveness, and
acceptability of a 3-D password system.

• 3-D environment reflects the administration needs and the security

requirements.
 Design guidelines

The design of 3D virtual environments should follow these guidelines:

Real Life Similarity

Object Uniqueness & Distinction
3D Virtual Environment Size
Number of objects & their types
System Importance
Advantages

• Provides security.
• 3D password can’t take by any other person.
• 3D graphical password has no limit.
• Password can change easily.
• Implementation of the system is easy.
• Password can remember easily.
• Password helps to keep lot of personal details.
 Applications
The 3D password’s main application domains are protecting critical systems and resources.
• Critical Servers
• Nuclear Reactors & military Facilities
• Airplanes and missile Guiding
• In addition, 3D passwords can be used in less critical systems
• A small virtual environment can be used in the following systems like
– ATM
– Personal Digital Assistance
– Desktop computers & laptops
– Web authentication etc.
State Diagram
 Security Analysis:
• To realize and understand how far an authentication scheme is secure, all possible
attack methods should be considered.

• Thorough study has to be done , whether the authentication scheme proposed is

immune against such attacks or not.

• Moreover, if the proposed authentication scheme is not immune, the countermeasures

have to be found that prevent such attacks.
Attacks:
• Brute Force Attack: The attacker has to try all possible 3-D passwords. This kind of attack is very
difficult for the following reasons:
– Time required to login
– Cost of attacks
• Well-Studied Attack: The attacker tries to find the highest probable distribution of 3-D passwords.
However, to launch such an attack, the attacker has to acquire knowledge of the most probable 3-D
password distributions.
• Shoulder Surfing Attack: An attacker uses a camera to record the user’s 3-D password or tries to
watch the legitimate user while the 3-D password is being performed. This attack is the most
successful type of attack against 3-D passwords and some other graphical passwords.
• Timing Attack: In this attack, the attacker observes how long it takes the legitimate user to perform a
correct sign-in using the 3-D password. This observation gives the attacker an indication of the
legitimate user’s 3-D password length.
 Conclusion
• The authentication can be improved with 3d password ,because the unauthorized person may not
interact with same object at a particular location as the legitimate user.

• It is difficult to crack ,because it has no fixed number of steps and a particular procedure.

• Added with biometrics and token verification this schema becomes almost unbreakable.

• The 3-D password is still in its early stages. Designing various kinds of 3-D virtual environments,
deciding on password spaces, and interpreting user feedback and experiences from such environments
will result in enhancing and improving the user experience of the 3-D password
Thank You