3D PASSWORD

A More Secure Authentication

Presented By :- 419 Pawar Aditya

420 Shaikh Subhan
421 Bhavsar Rushikesh
 CONTENTS
1. Password
2. Passphrase
3. Authentication
4. Drawbacks of Human Authentication Techniques
5. 3D Password
6. Virtual Environment
7. Virtual Objects
8. System Implementation
9. Mathematical Concepts
10. Related To 3D Password
11. Example
12. Working of 3D Password
13. Programming Languages
14. Attacks and Counter Measures
15. Advantages
16. Disadvantages
17. Applications
 PASSWORD
A Password is a word or string of characters used
for the authentication to prove identity.
Password is basically an Encryption Algorithms.
It is 8 – 15 characters or slightly more than that.
Password are the first line of defense against Cyber
Criminals.
 PASSPHRASE
It is the advanced version of Password.
It is a combination of words or simply
collection of password in a proper
sequence.
Length of Passphrase is from 30 – 50
words or more than that also.
More secure than an ordinary password.
 AUTHENTICATION
Authentication is a process of validating who are
you to whom you are claimed to be.

Humans Authentication Techniques are :

1. Knowledge Based ( What You Know )
2. Token Based ( What You Have )
3. Biometrics ( What You Are )
1. KNOWLEDGE BASED
(A) Pin
.
(B) Password
(c) Patterns

2. TOKEN BASED
(A) Keys
(B) Passport
(C) Smart Card
(D) ID Proofs

3. BIOMETRICS
(A) Face Recognition
(B) Fingerprints
(C) Iris
(D) DNA
(E) Voice
(F) Hand Geometry
DRAWBACKS OF HUMAN AUTHENTICATION TECHNIQUES

1. KNOWLEDGE BASED
(A) Easy to Remember -> Easy to Break
Hard to Guess -> Hard to Remember
(B) Vulnerable to attacks like dictionary attacks, brute force attacks, etc.

2. TOKEN BASED
(A) Duplicate Keys, Smart Cards, ID Proofs, are easily available.

3. BIOMETRICS
(A) Instructiveness to privacy.
(B) Resistance to exposure of retinas to IR rays.
(C) Hackers implement exact copy of your biometrics.
 3D PASSWORD
 The 3D password is a multifactor authentication scheme
that combine KNOWLEDGE BASED + TOKEN BASED
+ BIOMETRICS in one authentication system.
 It presents a virtual environment containing various virtual
objects.
 It is simply the combination and sequence of user
interactions that occur in the 3D environment.
 The user walks through the environment and interacts with
the objects.
 More customizable and very interesting way of
authentication.
 VIRTUAL ENVIRONMENT
A virtual environment is a computer – based simulated
environment.
The 3D virtual environment consists of many items and objects.
It is created inside a 2D screen and is a real time scenario.
Each item has different responses to action.
The use actions, interactions and inputs towards the objects or
toward the 3D virtual environment creates the user’s 3D
password.
Communication between users can range from text, graphical
icons, visual gesture, sound, and rarely forms using touch, voice
command, and balance senses.
3D virtual environment affects the usability, effectiveness and
acceptability of a 3D password system.
3D environment reflects the administration needs and security
requirements.
 virtual object can be any object
we encounter in real life such as
 A computer on which user type.
 An ATM machine that requires a token (ATM card).
 A fingerprint can be switched on/off.
 A paper or white board on which user can write.
 A light that can be switched on/off.
 A television.
 A radio.
 A car that can driven.
 A graphical password scheme.
 The action towards an object that exists in location (x1,y1,z1) is different from
action toward an another object at (x2,y2,z2).
 To perform the legitimate user 3D password the user must follow the same
scenario object by the legitimate user .
 This means interacting with the same object that reside at exact location and
perform the exact actions in the proper sequence.

1. TIME COMPLEXITY :
Let us assume A is the virtual 3D environment plotting
and B is algorithmic programming. Then, Time complexity=
Am + Bn where `m` is time required to communicate with
system, and `n` is time required to process each algorithm in
3D environment
 2. SPACE COMPLEXITY :
 System include 3D virtual environment, so that each point in
environment will having 3 co-ordinate value.
Any point from 3D virtual environment id represented in the
form of (x , y, z). X , Y & Z are the coordinate
value stored for particular point
(a) P class : A decision problem is in P there is a
known polynomial-time algorithm to get that andanswer.
(b) NP-hard class : Decision problem is in NP if there is a
known polynomial-time algorithm for a non-deterministic machine to
get the answer.
(c) NP complete class : NP-complete if you can prove that (1)
it`s in NP and (2) show that it`s poly-time reducible to a problem
already known to be NP-complete.
 Let us consider a 3D virtual environment space of size G x G x G.
the 3D environment space is represented by yhe coordinates (x , y ,
z) E [1,…,G] x [1,…,G] x [1,…,G]
 The object are distributed in the 3D virtual environment with
unique (x , y , z) coordinates. We assume that the user can navigate
into the 3D virtual environment and interact with the object using
any input device such as a mouse , keyboard , fingerprint scanner ,
iris scanner , card reader , microphones , stylus , etc.
 Let us consider a user who navigates through the 3D virtual
environment consist and the user turns around the door location in
(1,2,3,) and open it. Then, the position (4,5,6,) , and the user types
“ABC”. The initial representation of user actions in the 3D virtual
environment can be recorded as follows: (1,2,3) action = open the
office door (4,5,6) action = typing “A” (4,5,6) action=typing “c”
 Typical textual password enter users name performing graphical password
moving inside virtual 3D environment performing biometrics changing item
status verifying typing a letter or a number click access not granted logical
password access granted specific key password click on a graphical
password item specific key pressed biometric item is checked moved
object , turn ON/OFF.
 C++.
 Java and java3D .
 Net languages such as C# or visual basics.
 Parrot virtual machine.
 OPENGL LIBRARY :
(i) Uses both graphics and CAD programs.
(ii) Supported on windows, Macintosh, UNIX workstation, PCs, X-Box,
Linux, etc.
 GLUT:
(i) Library for using C++ and OpenGL
 Direct 3D:
(i) Support only on Microsoft windows platforms X-box

1.Brute Force Attack :

A brute force attack is a trial-a-error method used to obtain
information such as a user password identification number (PIN).The attack difficult
because: (i) Required time to login: Time required to login may vary from 20 seconds to 2
minutes. So, is time consuming. (ii) Cost of attack : Cost of creating 3D virtual
environment is very high.
2.Well Studied Attack :
(i) Attacker has to study whole password scheme. (ii) Attacker
has to try combination of different attacks on scheme.(iii) As 3D password scheme is multi-
factor & multi-password authentication scheme, attacker fail to studied whole scheme. This
attacks also not much effective against 3D password scheme .
3.Shoulder suffering Attack:
(i) An attacker uses a camera to record the
password. (ii) 3D password contains biometric identification, so are difficult to break.
4.Timing Attack:
(i) The attacker observes how long it take a legitimate user to
perform a correct sign-in using 3D password. (ii) Helps in determining length of
password. (iii) Effective if the 3D virtual environment is designed correctly.
5.Key Logger:
(i) Attacker install as software called key logger on system where
authentication scheme is used. (ii) Software stores text as stored in text file. (ii) More
effective and useful for only textual password. Fails in case of 3D password because it
includes biometrics which are hard to crack.
 1. Provides high security.
 2. Flexible, as it provides multifactor authentication, i.e., token
based, knowledge based, biometrics.
 3. Provides infinite number of password possibilities.
 4. Can be memorized in form of short stories.
 5. Implementation of system is easy.
 6. Ease to change password anytime.
 7. Helps to keep lot of personal details.
 8. Due to the use of multiple schemes in one scheme password space
is increased to great extent.
 1. Difficulty for blind people to use this technology.
 2. A lot of program coding is required.
 3. Very expensive. 4. Time and memory requirement is large.
 1. Critical servers.
 2. Nuclear reactors and military facilities.
 3. Airplanes, jet fighters and missile guiding.
 4. networking.
 5. A small virtual environment can be uses in following areas:
(i) ATM.
(ii) Desktop computers and laptop logins.
(iii) Web authentication.
(iv) Security analysis.
 The authentication can be improved with 3D password, because the
unauthorized person may not interact with same object at a particular
location as the legitimate user.
 It is difficult to crack because it has no fixed number of steps and
particular procedure.
 Added with biometrics and token verification this scheme becomes
almost unbreakable.