International Journal of Computer
Trends and Technology

Research Article | Open Access | Download PDF

Volume 3 | Issue 2 | Year 2012 | Article Id. IJCTT-V3I2P107 | DOI : https://doi.org/10.14445/22312803/IJCTT-V3I2P107

Ray’s Scheme: Graphical Password Based Hybrid Authentication System for Smart Hand Held Devices

Partha Pratim Ray

Citation :

Partha Pratim Ray, "Ray’s Scheme: Graphical Password Based Hybrid Authentication System for Smart Hand Held Devices," International Journal of Computer Trends and Technology (IJCTT), vol. 3, no. 2, pp. 230-236, 2012. Crossref, https://doi.org/10.14445/22312803/IJCTT-V3I2P107

Abstract

Passwords provide security mechanism for authentication and protection services against unwanted access to resources. One promising alternatives of textual passwords is a graphical based password. According to human psychology, human can easily remember pictures. In this paper, I have proposed a new hybrid graphical password based system. The system is a combination of recognition and pure recall based techniques and that offers many advantages over the existing systems and may be more convenient for the user. My approach is resistant to shoulder surfing attack and many other attacks on graphical passwords. This scheme is proposed for smart hand held devices (like smart phones i.e. PDAs, ipod, iphone, etc.) which are more handy and convenient to use than traditional desktop computer systems.

Keywords

smart phones, graphical passwords, authentication, network security.

References

[1]    Dhamija, R., Perrig, A. (2000), Deja Vu: A User Study. Using Images for Authentication. 9th USENIX Security Symposium. Authentication (2011), http://www.objs.com/survey/authent.htm. 
[2]  Sobrado, L, and Birget, J C. (2002), Graphical Passwords, The Rutgers Schloar, An Electronic Bulletin for Undergraduate Research, vol 4, http://rutgersscholar.rutgers.edu/volume04/sobrbirg/sobrbirg.htm.
[3]   Elftmann, P. (2006), Diploma Thesis, Secure Alternatives to PasswordBased Authentication Mechanisms.   
[4]   Blonder, G, E. (1995), Graphical password, U.S. Patent 5559961, Lucent Technologies, Inc. [5]   Suo, X, Zhu, Y, Scott. Owen, G. (2005), “Graphical Passwords: A Survey”, Annual Computer Security Applications Conference.
[6]  Khan, H, Z, U. (2007), Comparative Study of Authentication Techniques, International Journal of Video & Image Processing and Network Security, Vol: 10 No: 04.
[7] Approaches to Authentication (2011), http://www.e.govt.nz/ plone/ archive/ services/ see/ see-pki-paper-3/ chapter6.html?q=archive/services/see/see-pki-paper-3/chapter6.html. 
[8]  Khan. W. Z., Aalsalem. A. Y., Xiang. Y. (2011), A graphical password based systems for mobile devices. Internation Journal of Computer Science and Issues, Vol. 8, Issue 5, No. 2, 145-154. 
[9] Token Based Authentication (2011), http://www.w3.org/ 2001/ sw/ Europe/ events/ foaf galway/ papers/ fp/ token_based_authentication/. 
[10]   Biometric Authentication, (2011), http://www.cs.bham.ac.uk/ ~mdr/ teaching/ modules/ security/ lectures/ biometric.
[11]   Knowledge based Authentication. http:// searchsecurity.techtarget.com/ definition/ knowledge-based-authentication .
[12]   Knowledge Based Authentication. (2011). http://csrc.nist.gov/archive/ kba/index.html. 
[13]   Weinshall, D, (2006), Cognitive authentication schemes safe against spyware, (short paper). IEEE Symposium on Security and Privacy.
[14]   Hayashi, E., Christin, N., Dhamija, R.,and Perrig, A. (2008), Use Your Illusion: Secure authentication usable anywhere, 4th ACM Symposium on Usable Privacy and Security (SOUPS).
[15]    Davis, D., Monrose, F., and Reiter, M. (2004), On user choice in graphical password schemes, 13th USENIX Security Symposium.
[16]    Dhamija, R., and Perrig, A. (2000), Deja Vu: A User Study. Using Images for Authentication, 9th USENIX Security Symposium.
[17]    Real User. (2011), www.realuser.com.  [18] Passfaces Corporation. (2011), The science behind Passfaces, White paper, http:// www. passfaces. com/enterprise/resources/white_papers.htm.
[18]  Angeli, A., D., Coventry, L., Johnson, G., and Renaud, K. (2005), “Is a picture really worth a thousand words? Exploring the feasibility of graphical authentication systems”, International Journal of Human-Computer Studies, 63(1-2):128-152.
[19]  Moncur, W., and Leplatre, G. (2007), Pictures at the ATM: Exploring the usability of multiple graphical passwords,  ACM Conference on Human Factors in Computing Systems (CHI).
[20]   Pering, T., Sundar, M., Light, J., and Want. R. (2003), Photographic authentication through untrusted terminals, Pervasive Computing, 30-36.
[21]  Wiedenbeck, S., Waters, J., Sobrado, L., and Birget, J. (2006), Design and evaluation of a shoulder-surfing resistant graphical password scheme, International Working Conference on Advanced Visual Interfaces.
[22]   Bicakci, K., Atalay, N. B. , Yuceel, M. , Gurbaslar, H., and Erdeniz, B. (2009), Towards usable solutions to graphical password hotspot problem, 33rd Annual IEEE International Computer Software and Applications Conference. (2011), [23]   Jansen, W., Gavrila, S., Korolev, V., Ayers, R., Swanstrom, R. (2003), Picture Password: A Visual Login Technique for Mobile Devices, NISTIR. 
[24]   Tafasa. Patternlock, (2011), http://www.tafasa.com/patternlock.html. 
[25] GrIDsure. GrIDsure (2011), corporate website:  http://www.gridsure.com. 
[26]  Weiss, R., and Luca, A., D. (2008), PassShapes-Utilizing stroke based authentication to increase password memorability, NordiCHI, 383-392.
[27]   Jermyn, I., Mayer, A., Monrose, F., Reiter, M., and Rubin, A. (1999), The design and analysis of graphical passwords, 8th USENIX Security Symposium.
[28]  Dunphy, P., and Yan, J. (2007), Do background images improve Draw a Secret graphical passwords?, 14th ACM Conference on Computer and Communications Security (CCS).
[29]   Tao, H. (2006), Pass-Go, a New Graphical Password Scheme, Master Thesis, University of Ottawa.
[30]   Gao, H., Guo, X., Chen, X., Wang, L., and Liu, X. (2008), YAGP: Yet another graphical password strategy, Annual Computer Security Applications Conference.
[31]   Orozco, M., Malek, B., Eid, M., and Saddik, A. E. (2006), Haptic-based sensible graphical password, Virtual Concept.
[32]   Goldberg, J., Hagman, J., and Sazawal, V. (2002), Doodling our way to better authentication, (student poster), ACM Conference on Human Factors in Computing Systems (CHI).
 [33]   Varenhorst, C. (2004), Passdoodles: A lightweight authentication method, MIT Research Science Institute.
[34]  Renaud, K., and Angeli, A. D. (2004), “My password is here! An investigation into visio-spatial authentication mechanisms”, Interacting with Computers, 16(4):1017-1041.
[35]  Renaud, K., and Smith, E. (2001), Jiminy: Helping user to remember their passwords, Technical report, School of Computing, University of South Africa.
[36]   Suo, X. (2006), A design and analysis of graphical password, Master's thesis, College of Arts and Science, Georgia State University.
[37]  Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., and Memon, N. (2005), Authentication using graphical passwords: Basic results, 11th International Conference on Human-Computer Interaction (HCI International). ISSN: 2231-2803  
[38]  Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., and Memon, N. (2005), Authentication using graphical passwords: Effects of tolerance and image choice, 1st Symposium on Usable Privacy and Security (SOUPS). 
[39]  Wiedenbeck, S., Waters, J., Birget, J., Brodskiy, A., and Memon, N. (2005), PassPoints: Design and longitudinal evaluation of a graphical password system, International Journal of Human-Computer Studies, 63(12):102-127.
[40]  Chiasson, S., van Oorschot, P.  C., and Biddle, R. (2007), Graphical password authentication using Cued Click Points, In European Symposium On Research In Computer Security (ESORICS), LNCS 4734, 359-374.
[41]  Chiasson, S., Forget, A., Biddle, R.,and van  Oorschot, P. C. (2008), Influencing users towards better passwords: Persuasive Cued Click-Points, Human Computer Interaction (HCI), The British Computer Society. 
[42]   Stubblefield, A., and Simon, D. (2004), Inkblot Authentication, MSRTR-2004-85, Technical report, Microsoft Research.
[43]  Alsulaiman, F., and Saddik, A. El. (2006), A novel 3D graphical password schema, IEEE International Conference on Virtual Environments: Human-Computer Interfaces and Measurement Systems.
[44]  Passlogix graphical password system. (2011), www.passlogix.com.    [45]  Gao, H., Ren, Z., Chang, X., Liu, X, Aickelin, U. (2010), A New Graphical Password Scheme Resistant to Shoulder-Surfing, International Confer-ence on CyberWorlds.
[46]  Oorschot, P. C. V., Wan, T. (2009), TwoStep: An Authentication Method Combining Text and Graphical Passwords.  4th International Conference, MCETECH.
[47]  Man, S., Hong, D., Mathews, A. (2003), A shoulder surfing resistant graphical password scheme, International conference on security and management.