3D PASSWORD FOR SECURE

AUTHENTICATION
 CONTENTS
 Introduction
 Authentication Schemes
 Functionalities Required
 3D Password selection and Input
 Virtual Environment Design Guidelines
 Applications
 Security Analysis
 Attacks and Countermeasures
 Conclusion
 References
 INTRODUCTION

 Commonly used authentication schemes are textual passwords,

graphical passwords and biometrics.

 3D password is a multifactor authentication scheme.

 To be authenticated ,we require a 3D virtual environment.

 Combines recognition-,recall-,token-,and biometrics-based
systems.

 Users choice to select the type of authentication technique.

 AUTHENTICATION SCHEMES

 KNOWLEDGE BASED

• Recall based
• Recognition based

 TOKEN BASED
eg : smart card
 BIOMETRIC BASED

 Fingerprint ,palm prints ,hand geometry ,face

recognition

 Intrusiveness upon a user’s personal characteristics.

 GRAPHICAL PASSWORDS

 Recognition based

 Recall based
 FUNCTIONALITIES REQUIRED

 New scheme should combine the existing authentication

schemes

 Freedom to select the type of authentication technique.

 Should provide secrets that are easy to remember ,difficult to

guess.
3D PASSWORD SELECTION AND INPUT

 3D environment space represented by the co-ordinates

[1,…..G] [1,……..G] [1,…….G].

 User navigate into the 3D virtual environment using any

input device.

 The sequence of actions and interactions forms the users

3D password.
 Representation of user actions in the 3D virtual environment

(10,24,91) Action=Open the office door;

(10,24,91) Action=Close the office door;
(4,34,18) Action= Typing,“F”;
(4,34,18) Action= Typing,”A”;
(4,34,18) Action= Typing,”L”;
(4,34,18) Action= Typing,”C”;
(4,34,18) Action= Typing,”O”;
(4,34,18) Action= Typing,”N”;
(10,24,80) Action= Pick up the pen;
(1,18,80) Action= Drawing, point=(330,130).
Virtual Computer where user typing a textual password as a part of user’s 3D
Password
Snapshot of a proof-of-concept virtual art gallery
State diagram of a 3D Password application
 3D VIRTUAL ENVIRONMENT
DESIGN GUIDELINES

 Real-life similarity

 Object uniqueness and distinction

 Three-dimensional virtual environment

 System importance
 APPLICATIONS

 Critical servers.

 Nuclear and military facilities.

 Airplanes and jetfighters.

 ATMs, PDA’s, desktop computers and laptops.

 SECURITY ANALYSIS

 3D Password Space Size.

 3D Password Distribution Knowledge.

ATTACKS AND COUNTERMEASURES

 Brute Force Attack

 Well-Studied Attack

 Shoulder Surfing Attack

 Timing Attack
 CONCLUSION
 Commonly used authentication schemes are vulnerable to
attacks.

 3D Password is a multifactor authentication scheme.

 Design of 3D virtual environment, selection of objects

inside the environment, and the object type reflects
the resulted password space.

 User’s choice and decision to construct the desired

and preferred 3D password
 REFERENCES
 [1]F. A. Alsulaiman and A. El Saddik, “A novel 3D graphical
password schema,” IEEE Journal Virtual Environment, Human-
Computer Interfaces, July 2008,pp.125-128.

 [2]X.Suo, Y. Zhu , and G. S. Owen, “Graphical passwords: A

survey,” Proc.21st Annual Computer Security Applications
Conference, Dec. 5-9,2005,pp.463-472.

 [3]“The science behind passfaces”,http://www.realusers.com

 [4] R. Dhamija and A. Perrig, “Deja vu: A user study using
images for authentication,”Proc. 9th USINEX Security
Symp.,Aug.2004,pp.45-58.

 [5]I.Jermyn,A.Mayer,F.Monrose,M.K.Reiter,and A.D.Rubin,
“The design and analysis of 3D passwords,” Special Issue on
HCI Research in Privacy and Security,vol. 63,July 2005,pp.102-
127.