Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd Logo
Upload

Welcome to Scribd!

  • 54 views

    Presented By:: Manisha Saini

    Uploaded by

    Partha Harshith
    The document discusses 3D passwords as an authentication technique. It begins with definitions of passwords, passphrases, and authentication. It then discusses drawbacks of traditional authentication and introduces 3D passwords as a multifactor authentication scheme combining knowledge-based, token-based, and biometric authentication in a virtual 3D environment. Users interact with virtual objects in the environment in a specific sequence to authenticate. The document covers implementation details, working, advantages like increased security and flexibility, and disadvantages like cost and complexity.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Presented By:: Manisha Saini

    Uploaded by

    Partha Harshith
    54 views31 pages
    The document discusses 3D passwords as an authentication technique. It begins with definitions of passwords, passphrases, and authentication. It then discusses drawbacks of traditional authentication and introduces 3D passwords as a multifactor authentication scheme combining knowledge-based, token-based, and biometric authentication in a virtual 3D environment. Users interact with virtual objects in the environment in a specific sequence to authenticate. The document covers implementation details, working, advantages like increased security and flexibility, and disadvantages like cost and complexity.

    Original Description:

    3dpassword

    Original Title

    3dpasswordppt1 150125050948 Conversion Gate01

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document discusses 3D passwords as an authentication technique. It begins with definitions of passwords, passphrases, and authentication. It then discusses drawbacks of traditional authentication and introduces 3D passwords as a multifactor authentication scheme combining knowledge-based, token-based, and biometric authentication in a virtual 3D environment. Users interact with virtual objects in the environment in a specific sequence to authenticate. The document covers implementation details, working, advantages like increased security and flexibility, and disadvantages like cost and complexity.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    54 views31 pages

    Presented By:: Manisha Saini

    Uploaded by

    Partha Harshith
    The document discusses 3D passwords as an authentication technique. It begins with definitions of passwords, passphrases, and authentication. It then discusses drawbacks of traditional authentication and introduces 3D passwords as a multifactor authentication scheme combining knowledge-based, token-based, and biometric authentication in a virtual 3D environment. Users interact with virtual objects in the environment in a specific sequence to authenticate. The document covers implementation details, working, advantages like increased security and flexibility, and disadvantages like cost and complexity.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 31

    PRESENTED BY :

    MANISHA SAINI
    1. Password
    2. Passphrase
    3. Authentication
    4. Drawbacks of Human Authentication Techniques
    5. 3D password
    6. Virtual Environment
    7. Virtual Objects
    8. System Implementation
    9. Mathematical Concept Related to 3D password
    10. Example
    11. State Diagram
    12. Working of 3D password
    13. Programming languages
    14. Attacks and Counter Measures
    15. Advantages
    16. Disadvantages
    17. Applications
    18. References
    • A password is a word or string of characters
    used for the authentication to prove identity.
    • Password is basically an encryption
    algorithms.
    • It is 8-15 character or slightly more than that.
    • Passwords are the first line of defense against
    cyber criminals.
     It is the advanced version of password.
     It is a combination of words or simply
    collection of password in a proper sequence.
     Length of passphrase is from 30-50 words or
    more than that also.
     More secure than an ordinary password.
     Authentication is a process of validating who
    are you to whom you are claimed to be.

     Human authentication techniques are :


    1. Knowledge based (What you know)
    2. Token based (What you have)
    3. Biometrics (What you are)
    (a) Pin
    (b) Password
    (c) Patterns

    (a) Keys
    (b) Passport
    (c) Smart card
    (d) ID proofs

    (a) Face recognition


    (b) Fingerprints
    (c) Iris
    (d) DNA
    (e) Voice
    (f) Hand geometry
    (a) Easy to remember -> Easy to break
    Hard to guess -> Hard to remember
    (b) Vulnerable to attacks like dictionary attacks, brute force attacks etc.

    (a) Duplicate keys, smart cards, ID proofs are easily available.

    (a) Instructiveness to privacy.


    (b) Resistance to exposure of retinas to IR rays.
    (c) Hackers implement exact copy of your biometrics.
     The 3D password is a multifactor authentication
    scheme that combine KNOWLEDGE BASED + TOKEN
    BASED + BIOMETRICS in one authentication system.
     It presents a virtual environment containing various
    virtual objects.
     It is simply the combination and sequence of user
    interactions that occur in the 3D environment.
     The user walks through the environment and
    interacts with the objects.
     More customizable and very interesting way of
    authentication.
    • A virtual environment is a computer-based simulated
    environment.
    • The 3D virtual environment consists of many items and
    objects.
    • It is created inside a 2D screen and is a real time scenario .
    • Each item has different responses to action.
    • The user actions, interactions and inputs towards the objects
    or toward the 3D virtual environment creates the user’s 3D
    password.
    • Communication between users can range from text, graphical
    icons, visual gesture, sound, and rarely, forms using touch,
    voice command, and balance senses.
    • 3D virtual environment affects the usability,
    effectiveness and acceptability of a 3D
    password system.
    • 3D environment reflects the administration
    needs and security requirements.
    Virtual objects can be any objects we encounter in real life such as:
     A computer on which user can type.
     An ATM machine that requires a token (ATM card).
     A fingerprint reader that requires user fingerprints.
     A paper or white board on which user can write.
     A light that can be switched on/off.
     A television.
     A radio.
     A car that can be driven.
     A graphical password scheme.
     The action towards an object that exists in
    location (x1,y1,z1) is different from action towards
    an another object at (x2,y2,z2).
     To perform the legitimate 3D password the user
    must follow the same scenario performed by the
    legitimate user.
     This means interacting with the same objects
    that reside at exact location and perform the exact
    actions in the proper sequence.
    1. Time Complexity :
    Let us assume that A is the virtual 3D environment plotting and B is
    algorithmic processing. Then,
    Time complexity = Am + Bn
    where ‘m’ is time required to communicate with system, and ‘n’ is time
    required to process each algorithm in 3D environment.
    2. Space Complexity:
    • System include 3D virtual environment, so that each point in this
    environment will having 3 co-ordinate values.
    • Any point from 3D virtual environment is represented in the form
    of (X, Y, Z). X, Y & Z are the coordinate values stored for particular
    point.
    • Space complexity = n3
    3. Class Of Problem:
    Three types of classes provided are:
    (a) P class: A decision problem is in P if there is a known
    polynomial-time algorithm to get that answer.
    (b) NP-hard class: Decision problem is in NP if there is a known
    polynomial-time algorithm for a non-deterministic machine to
    get the answer.
    (c) NP complete class: NP-complete if you can prove that (1) it‘s
    in NP, and (2) show that it‘s poly-time reducible to a problem
    already known to be NP-complete.
    • Let us consider a 3D virtual environment space
    of size G x G x G. The 3D environment space is
    represented by the coordinates (x,y,z) ϵ [1,…,G] x
    [1,…,G] x [1,…,G].
    • The objects are distributed in the 3D virtual
    environment with unique (x,y,z) coordinates. We
    assume that the user can navigate into the 3D
    virtual environment and interact with the
    objects using any input device such as a mouse,
    keyboard, fingerprint scanner, iris scanner, card
    readers, microphones, stylus, etc.
    • Let us consider a user who navigates through the 3D virtual
    environment that consists of an office and a meeting room.
    Let us assume that the user is in the virtual office and the
    user turns around the door located in (1,2,3) and opens it.
    Then, the user closes the door. The user then finds a
    computer to the left, which exists in the position (4,5,6),
    and the user types “ABC”. The initial representation of user
    actions in the 3D virtual environment can be recorded as
    follows:
    (1,2,3) action = open the office door
    (1,2,3) action = close the office door
    (4,5,6) action = typing “A”
    (4,5,6) action = typing “B”
    (4,5,6) action = typing “C”
    Typing a letter or a number Clicks

    Typical Click on a
    Performing
    Textual graphical
    password
    Graphical Password
    Password
    Specific item
    key Specific key pressed
    password

    Biometric item
    Moving Inside is checked
    Enter User Name Performing
    Virtual 3D
    Biometrics
    Environment

    Login
    password
    Access not Move object,
    Verifying Turn ON/OFF
    granted
    Access
    Changing
    granted
    Item Status
     C++
     Java and Java3D
     .NET languages such as C# or Visual Basics
     Parrot virtual machine
     OpenGL library :
    (i) uses both graphics and CAD programs.
    (ii) supported on Windows, Macintosh, UNIX workstations,
    PCs, X-Box, Linux, etc.
     GLUT :
    (i) library for using C++ and OpenGL
     Direct 3D :
    (i) supported only on Microsoft windows platforms and X-
    box.
    1. Brute Force Attack: A brute force attack is a trial-and-error
    method used to obtain information such as a user password or
    personal identification number (PIN). The attack is difficult
    because:
    (i) Required time to login: Time required to login may vary from
    20 seconds to 2 minutes. So, is time consuming.
    (ii) Cost of attack: Cost of creating 3D virtual environment is very
    high.
    2. Well Studied Attack:
    (i) Attacker has to study whole password scheme.
    (ii) Attacker has to try combination of different attacks on
    scheme.
    (iii) As 3D password scheme is multi-factor & multi-password
    authentication scheme, attacker fail to studied whole scheme.
    This attacks also not much effective against 3D password
    scheme.
    3. Shoulder Suffering Attack:
    (i) An attacker uses a camera to record the password.
    (ii) 3D password contains biometric identifications, so
    are difficult to break.

    4. Timing Attack:
    (i) The attacker observes how long it takes a
    legitimate user to perform a correct sign-in using 3D
    password.
    (ii) Helps in determining length of password.
    (iii) Effective if the 3D virtual environment is
    designed correctly.
    5. Key logger:
    (i) Attacker install as software called key logger on
    system where authentication scheme is used.
    (ii) Software stores text entered through
    keyboard and those text are stored in text file.
    (iii) More effective and useful for only textual
    password. Fails in case of 3D password because it
    includes biometrics which are hard to crack.
    1. Provides high security.
    2. Flexible, as it provides multifactor authentication ,i.e., token
    based, knowledge based, biometrics.
    3. Provides infinite number of password possibilities.
    4. Can be memorized in form of short stories.
    5. Implementation of system is easy.
    6. Ease to change password anytime.
    7. Helps to keep lot of personal details.
    8. Due to the use of multiple schemes in one scheme password
    space is increased to great extent.
    1. Difficult for blind people to use this
    technology.
    2. A lot of program coding is required.
    3. Very expensive.
    4. Time and memory requirement is large.
    1. Critical servers.
    2. Nuclear reactors and military facilities.
    3. Airplanes, jet fighters and missile guiding.
    4. Networking.
    5. A small virtual environment can be used in following
    areas:
    (i) ATM.
    (ii) Desktop computers and laptop logins.
    (iii) Web authentication.
    (iv) Security analysis.
     The authentication can be improved with 3D
    password, because the unauthorized person
    may not interact with same object at a
    particular location as the legitimate user.
     It is difficult to crack because it has no fixed
    number of steps and a particular procedure.
     Added with biometrics and token verification
    this scheme becomes almost unbreakable.
     www.ifet.ac.in
    3Dvas.com
     www.ijesit.com
     www.sri.com
    https://www.youtube.com/watch?v=Tw1
    mXjMshJE

    You might also like