
The Design and Analysis of Graphical Passwords

Ian Jermyn

New York University

Alain Mayer, Fabian Monrose, Michael K. Reiter

Aviel D. Rubin

AT&T Labs-Research

Bell Labs, Lucent Technologies

Presenter : Ta Duy Vuong taduyvuo@comp.nus.edu.sg



OUTLINE
1. Introduction
2. Textual Passwords with Graphical Assistance
3. Purely Graphical Passwords
4. Other graphical password scheme
5. Summary
6. References

1.INTRODUCTION
Passwords are the method of choice for user authentication.
In practice, passwords are susceptible to attacks. Idea: exploit features of graphical input displays to achieve better security.

1.INTRODUCTION

Usable on any device with a graphical input display.

Primarily for PDAs: Palm Pilot, HP iPAQ.

1.INTRODUCTION
Observation: temporal order & position.
Textual password input via keyboard (the position of each character is tied to its temporal order):
simplepass
123456789

(Figure: graphical password input)

2.TEXT WITH GRAPHICAL ASSISTANCE


GRAPHICAL PASSWORD

TEXTUAL PASSWORD WITH GRAPHICAL ASSISTANCE

DRAW-A-SECRET SCHEME

2.TEXT WITH GRAPHICAL ASSISTANCE


Use textual passwords augmented by some graphical capabilities.
Aim: to decouple temporal order & position of input.

2.TEXT WITH GRAPHICAL ASSISTANCE


Example: password is tomato. Usual way of input:

(Figure: conventional input)

2.TEXT WITH GRAPHICAL ASSISTANCE

(Figure: input with graphical assistance)

2.TEXT WITH GRAPHICAL ASSISTANCE


Formally:
k: number of characters in the password; A: set of allowed characters; m: number of positions (m ≥ k).

Textual: $f : \{1, \ldots, k\} \to A$

Graphical: $f : \{1, \ldots, k\} \to A \times \{1, \ldots, m\}$



2.TEXT WITH GRAPHICAL ASSISTANCE


One k-character conventional password yields m!/(m-k)! graphical passwords.
Example: password is ILoveNus, k = 8 (characters). Choose m = 10 (positions): approximately 1.8 × 10^6 graphical passwords.
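An added model of this formalisation (example code written for this page, not the paper's or the presenter's): the password is kept as the set of (character, position) pairs, so verification is independent of the order in which the user typed them, and the m!/(m-k)! count is cross-checked by enumeration for small parameters.

```python
import math
from itertools import permutations

# Model of a "textual password with graphical assistance" (added example, not
# the paper's code): the password is the mapping f : {1..k} -> A x {1..m},
# i.e. each character of the conventional password carries the screen
# position it was placed in. Positions are distinct and m >= k.

def make_graphical_password(text, positions, m):
    """Build f from the typed characters and the positions they were placed in.

    Returned as a set of (character, position) pairs: the aim is to decouple
    temporal order from position, so two entries that fill the same positions
    with the same characters are the same password even if the user typed
    them in a different order."""
    k = len(text)
    if len(positions) != k or m < k:
        raise ValueError("need one position per character and m >= k")
    if len(set(positions)) != k or not all(1 <= p <= m for p in positions):
        raise ValueError("positions must be distinct and within 1..m")
    return frozenset(zip(text, positions))

def same_password(a, b):
    """Verification compares the mappings, not the typing order."""
    return a == b

def graphical_space(k, m):
    """Graphical passwords one k-character password yields: m!/(m-k)!
    (an ordered choice of k distinct positions out of m)."""
    return math.factorial(m) // math.factorial(m - k)

def graphical_space_by_enumeration(k, m):
    """Brute-force check of the formula for small k and m."""
    return sum(1 for _ in permutations(range(1, m + 1), k))

if __name__ == "__main__":
    # Slide's example: "ILoveNus", k = 8 characters, m = 10 positions
    # (the positions chosen here are constructed for illustration).
    entry1 = make_graphical_password("ILoveNus", [3, 1, 4, 2, 9, 5, 7, 10], 10)
    # The same cells filled with the same characters, typed last-to-first:
    # a different temporal order, but the same mapping f.
    entry2 = make_graphical_password("suNevoLI", [10, 7, 5, 9, 2, 4, 1, 3], 10)
    print(same_password(entry1, entry2))   # True
    print(graphical_space(8, 10))          # 1814400, about 1.8 x 10^6
```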

3.DRAW-A-SECRET (DAS) SCHEME


GRAPHICAL PASSWORD

TEXTUAL PASSWORD WITH GRAPHICAL ASSISTANCE

DRAW-A-SECRET SCHEME


3.DRAW-A-SECRET (DAS) SCHEME 3.1 Introduction


Password is picture drawn on a grid.

Users are freed from having to remember an alphanumeric string. What is good about picture-based passwords?

3.DRAW-A-SECRET (DAS) SCHEME 3.2 Password input

(2,2) (3,2) (3,3) (2,3) (2,2) (2,1) (5,5)


(5,5) is pen-up indicator

3.DRAW-A-SECRET (DAS) SCHEME 3.3 Encryption Tool for PDA


Use Triple-DES to encrypt/decrypt data stored on the PDA.
Sequence of coordinates of password P → hashed using SHA-1 → key k → derived to make Triple-DES keys.

(Figure: process of making keys for Triple-DES)

3.DRAW-A-SECRET (DAS) SCHEME 3.3 Encryption Tool for PDA


Process of setting password:
Sequence of coordinates P → hashed using SHA-1 → key k; compute E_k(P); store E_k(P).

Process of verifying password:
Sequence of coordinates P → hashed using SHA-1 → key k; result = D_k(E_k(P)); check: result = P ??

3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme


Textual passwords are susceptible to attacks because:
Users do not choose passwords uniformly.
Attackers have significant knowledge about the distribution of user passwords (users often choose passwords based on their own name) and information about gross properties (words in the English dictionary are likely to be chosen).

3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme


Knowledge about the distribution of user passwords is essential to the adversary. The DAS scheme gives no clues about users' choice of passwords. It is also harder to collect such data on PDAs than on networked computers.

3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme


Size of password space (a password is a sequence of strokes on a G × G grid):

$$\Pi(L_{max}, G) = \sum_{L=1}^{L_{max}} P(L, G)$$

$$P(L, G) = \sum_{l=1}^{L} P(L - l, G)\, N(l, G)$$

$$N(l, G) = \sum_{(x, y) \in [1..G] \times [1..G]} n(x, y, l, G)$$

P(L, G): number of passwords of length L; G: grid size G × G; L: length of password; L_max: maximum length of password; N(l, G): number of strokes of length l; l: length of stroke; n(x, y, l, G): number of strokes of length l with ending cell (x, y).
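A worked computation of these recurrences, added here as an example (not code from the paper or the slides); it also splits the coordinate sequence of section 3.2 into strokes at the pen-up marker. It assumes a stroke moves between side-adjacent cells with revisits allowed, and names the total Pi.

```python
import math

# DAS password-space calculation (added example, not the paper's code). A
# stroke of length l visits l cells, each sharing a side with the previous one
# (revisits allowed): that neighbour model is an assumption of this example.

def strokes(coords, pen_up):
    """Stroke lengths of a section-3.2 coordinate sequence, split at pen-up."""
    lengths, cur = [], 0
    for c in coords + [pen_up]:            # a trailing pen-up closes the last stroke
        if c != pen_up:
            cur += 1
        elif cur:
            lengths.append(cur)
            cur = 0
    return lengths

def _stroke_table(l, G):
    """t[x][y] = n(x+1, y+1, l, G): strokes of length l ending at each cell."""
    t = [[1] * G for _ in range(G)]        # every cell alone is a stroke of length 1
    for _ in range(l - 1):
        nxt = [[0] * G for _ in range(G)]
        for x in range(G):
            for y in range(G):
                for dx, dy in ((1, 0), (-1, 0), (0, 1), (0, -1)):
                    nx, ny = x + dx, y + dy
                    if 0 <= nx < G and 0 <= ny < G:
                        nxt[nx][ny] += t[x][y]   # extend a shorter stroke by one cell
        t = nxt
    return t

def n(x, y, l, G):
    """n(x, y, l, G): number of strokes of length l ending at cell (x, y)."""
    return _stroke_table(l, G)[x - 1][y - 1]

def N(l, G):
    """N(l, G): sum of n(x, y, l, G) over all ending cells."""
    return sum(sum(row) for row in _stroke_table(l, G))

def P(L, G):
    """P(L, G): passwords of total length L; the last stroke has some length l."""
    table = [1] + [0] * L                  # P(0, G) = 1: the empty password
    for length in range(1, L + 1):
        table[length] = sum(table[length - l] * N(l, G) for l in range(1, length + 1))
    return table[L]

def Pi(Lmax, G):
    """Pi(Lmax, G): all passwords of length 1..Lmax, plus its size in bits."""
    total = sum(P(L, G) for L in range(1, Lmax + 1))
    return total, math.log2(total)
```

Pi(Lmax, G)[1] is the figure to set against the bit-length of a textual password space; the exact numbers depend on the neighbour model, so they are not claimed to reproduce the paper's table.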

3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme

A new password scheme cannot be proven better than the old scheme because of the human factor! However, the table in the paper shows that the raw size of the graphical password space surpasses that of textual passwords.

4. Another graphical password scheme

To log in, the user is required to click within the circled red regions (chosen when the password was created) in this picture. The choice of the four regions is arbitrary. Known since the mid 1990s, starting with G. Blonder in his paper "Graphical Passwords".

5. SUMMARY
Textual passwords with graphical assistance: conventional passwords equipped with graphical capabilities. Improvements over textual passwords:
Decouple positions of input from temporal order
Larger password space

5. SUMMARY
Draw-A-Secret (DAS) Scheme:
Pictures are easier to remember
Attackers have no knowledge of the distribution of passwords
Larger password space
Decouple position of inputs from temporal order

6. REFERENCES
The Design and Analysis of Graphical Passwords, by Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter, Aviel D. Rubin
Graphical Passwords, by Leonardo Sobrado, Jean-Camille Birget, Department of Computer Science, Rutgers University
Graphical Dictionaries and the Memorable Space of Graphical Passwords, by Julie Thorpe, P. C. van Oorschot
Human Memory and the Graphical Password, by David Bensinger, Ph.D.
Passwords: the weakest link?, CNET News.com

THANK YOU.
