Академический Документы
Профессиональный Документы
Культура Документы
Ian Jermyn
Aviel D.Rubin
AT&T Labs-Research
OUTLINE
1. Introduction 2. Textual Passwords with Graphical Assistance 3. Purely Graphical Passwords 4. Other graphical password scheme 5. Summary 6. References
2
1.INTRODUCTION
Passwords: method of choice for user authentication.
In practice, passwords are susceptible to attacks. Exploit features of graphical input displays to achieve better security.
3
1.INTRODUCTION
1.INTRODUCTION
Observation: temporal order & position Textual password input via keyboard:
simplepass
123456789
Graphical password
DRAW-A-SECRET SCHEME
Conventional
8
Textual : Graphical :
DRAW-A-SECRET SCHEME
12
Users freed from having to remember alphanumeric string. What is good about picture-based password?
13
Ek(P)
restult=Dk(Ek(P))
Store Ek(P)
ressult = P ??
L=1
P(L,G)
l=L
l=1
N(l,G) = n(x,y,l,G) (x,y)[1..G]x[1..G] n : number of strokes of length l (x,y) : ending cell
19
New password scheme cannot be proven better than old scheme because of human factor ! However, above table shows raw size of graphical password space surpasses that of textual passwords.
20
To login, user is required to click within the circled red regions (chosen when created the password) in this picture. The choice for the four regions is arbitrary Known since the mid 1990s, starting with G.Blonder in his 21 paper Graphical Passwords
5. SUMMARY
Textual passwords with graphical assistance: conventional passwords equipped with graphical capabilities. Improvements over textual passwords:
Decouple positions of input from temporal order Larger password space
22
5. SUMMARY
Draw-A-Secret (DAS) Scheme:
Pictures are easier to remember Attackers have no knowledge of the distribution of passwords Larger password space Decouple position of inputs from temporal order
23
6. REFERENCES
The Design and Analysis of Graphical Passwords by Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K.Reiter, Aviel D.Rubin Graphical passwords by Leonardo Sobrado, JeanCamille Birget, Department of Computer Science, Rutgers University Graphical Dictionaries and the Memorable Space of Graphical Passwords by Julie Thorpe, P.C. van Oorschot Human Memory and the Graphical Password by David Bensinger, Ph.D. Passwords: the weakest link? CNET News.com
24
THANK YOU .
25