Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by: Lin Jie Authors: Xiaoyuan Suo, Ying Zhu and G. Scott. Owen.

Published byChristal Alexia Johns Modified over 9 years ago

Similar presentations

Presentation on theme: "Presented by: Lin Jie Authors: Xiaoyuan Suo, Ying Zhu and G. Scott. Owen."— Presentation transcript:

1 Presented by: Lin Jie Authors: Xiaoyuan Suo, Ying Zhu and G. Scott. Owen

2  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

3  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

4  How about text-based passwords ? ◦ Difficulty of remembering passwords  easy to remember -> easy to guess  hard to guess -> hard to remember ◦ Users tend to write passwords down or use the same passwords for different accounts  An alternative: Graphical Passwords ◦ Psychological studies: Human can remember pictures better than text

5  If the number of possible pictures is sufficiently large, the possible password space may exceed that of text-based schemes, thus offer better resistance to dictionary attacks.  can be used to: ◦ workstation ◦ web log-in application ◦ ATM machines ◦ mobile devices

6  Conduct a comprehensive survey of the existing graphical password techniques  Discuss the strengths and limitations of each method  Point out future research directions

7  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

8  Token based authentication ◦ key cards, band cards, smart card, …  Biometric based authentication ◦ Fingerprints, iris scan, facial recognition, …  Knowledge based authentication ◦ text-based passwords, picture-based passwords, … ◦ most widely used authentication techeniques

9  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

10  Recognition Based Techniques ◦ a user is presented with a set of images and the user passes the authentication by recognizing and identifying the images he selected during the registration stage  Recall Based Techniques ◦ A user is asked to reproduce something that he created or selected earlier during the registration stage

11  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

12  Dhamija and Perrig Scheme Pick several pictures out of many choices, identify them later in authentication. ◦ using Hash Visualization, which, given a seed, automatically generate a set of pictures ◦ take longer to create graphical passwords password space: N!/K! (N-K)! ( N-total number of pictures; K-number of pictures selected as passwords)

13  Sobrado and Birget Scheme System display a number of pass-objects (pre-selected by user) among many other objects, user click inside the convex hull bounded by pass-objects. ◦ authors suggeated using 1000 objects, which makes the display very crowed and the objects almost indistinguishable. password space: N!/K! (N-K)! ( N-total number of picture objects; K-number of pre-registered objects)

14  Other Schemes Using human faces as password Select a sequence of images as password

15  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

16  Draw-A-Secret (DAS) Scheme User draws a simple picture on a 2D grid, the coordinates of the grids occupied by the picture are stored in the order of drawing  redrawing has to touch the same grids in the same sequence in authentication  user studies showed the drawing sequences is hard to Remember

17  “PassPoint” Scheme User click on any place on an image to create a password. A tolerance around each chosen pixel is calculated. In order to be authenticated, user must click within the tolerances in correct sequence.  can be hard to remember the sequences Password Space: N^K ( N -the number of pixels or smallest units of a picture, K - the number of Point to be clicked on )

18  Other Schemes Grid Selection Scheme Signature Scheme

19 Using distorted images to prevent revealing of passwords Using images with random tracks of geometric graphical shapes

20  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

21  Is a graphical password as secure as text- based passwords? ◦ text-based passwords have a password space of 94^N (94 – number of printable characters, N- length of passwords). Some graphical password techniques can compete: Draw-A-Secret Scheme, PassPoint Scheme. ◦ Brute force search / Dictionary attacks The attack programs need to automatically generate accurate mouse motion to imitate human input, which is more difficult compared to text passwords. ◦ Guessing ◦ Social engineering ◦ …

22  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

23  Pictures are easier to remember than text strings  Password registration and log-in process take too long  Require much more storage space than text based passwords

24  Introduction  Overview of the Authentication Methods  The survey ◦ Recognition Based Techniques ◦ Recall Based Techniques  Discusssion ◦ Security ◦ Usability  Conclusion

25  main argument for graphical passwords: people are better at memorizing graphical passwords than text-based passwords  It is more difficult to break graphical passwords using the traditional attack methods such as:burte force search, dictionary attack or spyware.  Not yet widely used, current graphical password techniques are still immature

26  Questions?

Download ppt "Presented by: Lin Jie Authors: Xiaoyuan Suo, Ying Zhu and G. Scott. Owen."

Similar presentations

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.

The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.
Lecture 6 User Authentication (cont)

Lecture 6 User Authentication (cont)
ByPass A platform to evaluate Android authentication techniques Payas Gupta & Sarah Smith.

ByPass A platform to evaluate Android authentication techniques Payas Gupta & Sarah Smith.
Chapter 5 Input and Output. What Is Input? What is input? p. 166 Fig. 5-1 Next  Input device is any hardware component used to enter data or instructions.

Chapter 5 Input and Output. What Is Input? What is input? p. 166 Fig. 5-1 Next  Input device is any hardware component used to enter data or instructions.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
Use Your Illusion: Secure Authentication Usable Anywhere Eiji Hayashi Nicolas Christin Rachna Dhamija Adrian Perrig Carnegie Mellon CyLab Japan.

Use Your Illusion: Secure Authentication Usable Anywhere Eiji Hayashi Nicolas Christin Rachna Dhamija Adrian Perrig Carnegie Mellon CyLab Japan.
3d ..

3d ..
3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.

3D-password A more secured authentication G.Suresh babu Roll no:08H71A05C2 Computer science & engineering Mic college of technology Guide:Mrs A.Jaya Lakshmi.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
User Authentication Rachna Dhamija Human Centered Computing Course December 6, 1999 Image Recognition in.

User Authentication Rachna Dhamija Human Centered Computing Course December 6, 1999 Image Recognition in.
95752:3-1 Access Control. 95752:3-2 Access Control Two methods of information control: –control access –control use or comprehension Access Control Methods.

95752:3-1 Access Control :3-2 Access Control Two methods of information control: –control access –control use or comprehension Access Control Methods.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukAuthentication Systems1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.
Graphical Dictionaries Presentation by Roger Kahn1 Graphical Dictionaries & Memorable Space of Graphical Passwords.

Graphical Dictionaries Presentation by Roger Kahn1 Graphical Dictionaries & Memorable Space of Graphical Passwords.
1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.

1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.
Text passwords Hazim Almuhimedi. Agenda How good are the passwords people are choosing? Human issues The Memorability and Security of Passwords Human.

Text passwords Hazim Almuhimedi. Agenda How good are the passwords people are choosing? Human issues The Memorability and Security of Passwords Human.
Kok-Chie Daniel Pu - MSISPM. Wow... Daniel will be presenting a lecture on Graphical Passwords !!!

Kok-Chie Daniel Pu - MSISPM. Wow... Daniel will be presenting a lecture on Graphical Passwords !!!
Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.

Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.

Similar presentations

Ads by Google