a secure recognition based on graphical password presented by dhanshri agashe guided by: prof. s....
TRANSCRIPT
![Page 1: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/1.jpg)
A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD
PRESENTED BY
Dhanshri Agashe
Guided By: Prof. S. Jain
![Page 2: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/2.jpg)
CONTENTS
1. INTRODUCTION2. MOTIVATION3. LITERATURE SURVEY4. METHODOLOGY5. ISSUES6. ADVANTAGES OF GRAPHICAL PASSWORDS.7. APPLICATIONS8. CONCLUSION9. FUTURE SCOPE10. REFERENCES
![Page 3: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/3.jpg)
INTRODUCTION
Graphical user authentication(GUA) system requires a user to select a memorable image.
Digital watermarking is the process of embedding information into a digital signal.
The purpose of digital watermarking is to provide copyright protection.
By using Cued click points users click on one point per image for a sequence of images.
Performance was very good in terms of speed, accuracy, and number of errors.
![Page 4: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/4.jpg)
INTRODUCTION
Users preferred CCP to saying that selecting and remembering only one point per image was easier.
Seeing each image triggered their memory of where the corresponding point was located.
Cued click points provides greater security as the number of images increases the workload for attackers.
![Page 5: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/5.jpg)
What ?
The term watermark is derived from the German term “Wessmark”
The basic idea of watermark is to embed some information in digital
images so that it can not be miss used or owned by others.
Watermarked imageImage without watermark
Watermark
![Page 6: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/6.jpg)
FINAL REGISTRATION
PROCESS
![Page 7: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/7.jpg)
MOTIVATION
There is a good security when using the text-based strong password schemes but often memorizing the password.
An alternative solution to the text-based authentication which is the GUA or simply Graphical Password .
However, one big issue that is plaguing GUA is shoulder surfing attack that can capture the users mouse clicks and image gallery.
![Page 8: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/8.jpg)
Sr. No.
Paper Name Author Year Conclusion
1 Graphical User Authentication
A.H. Lashkari IEEE 2011
Resistance to common attacks of graphical password algorithms.
2 Persuasive cued click points
Stobert. E IEEE 2012
Influence user choice in click-based graphical passwords, encouraging users to select more random, and hence more difficult to guess, click-points.
LITERATURE SURVEY
![Page 9: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/9.jpg)
LITERATURE SURVEY
If attacker want to attack to the image gallery as we hide the
copyright protection information in all images of the system.
In proposed algorithm all images has copyright information and
is difficult to change the image of gallery.
Focus on attacks of graphical password algorithms and evaluate
recognition based algorithms.
![Page 10: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/10.jpg)
METHODOLOGY
PROPOSED GRAPHICAL PASSWORD ALGORITHM
A denotes the user A ID denotes the user identity of user A S denotes the server side operation C denotes the Client side operation UAI denotes User added some image for his/her password UI denotes the image(s) that user added to the system Ini denotes the image number of user’s password DI denotes set of the decoy images
![Page 11: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/11.jpg)
continue
RCS denotes the random character set generated for each image in login page
DQ() denotes the data query from database DW()denotes the write the data pack in the database IMX()denotes matrix of images || denotes the concatenation process WCP() denotes the Copyright Protection technique of
Watermarking CWCP() denotes the checking process for copy right protection of
watermarking
![Page 12: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/12.jpg)
continue
The workflow of registration phase is as below:
Step1. C: (A, ID) S [User A sends his ID to the server for login page]
Step2. S: DQ (ID)[in the server side the user’s information will find from data
base]
Step3. S: IMX (DI, INi) C [Server generate a from the decoy images and user’s
password images and sent to the client side]
Step4. C: CWCP (IMX (Di,INi)) [the algorithm check the copyright protection
in them image matrix]
![Page 13: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/13.jpg)
continue
Step5: C: INi [user selects his/her password images by
write the related characters and algorithm fin the related
ID regarding to the users entered characters as INi]
Step6. C: ID || INi [in the client side the ID of user and selected images
INi will concatenate and make the data pack]
Step7. C: ID|| INi S [Client send the generated data pack to the server]
Step8. S: Success/Reject C[check the data pack and if the pack is
true reply successfully to the client side and If data pack is not
true then reject the user in login phase.
![Page 14: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/14.jpg)
Graphical Password-what a concept!
Here you pick several icons to represent the password.
Then when you want to authenticate it, a screen is drawn as a challenge to which you must respond.
The screen has numerous icons, at some of which are your private password icons.
You must locate your icons visually on the screen and click on the screen to the password.
![Page 15: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/15.jpg)
The survey : Two categories
Recognition Based Techniques– a user is presented with a set of images and the user passes the
authentication by recognizing and identifying the images he selected during the registration stage.
Recall Based Techniques– A user is asked to reproduce something that he created or
selected earlier during the registration stage.
![Page 16: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/16.jpg)
Phases of Algorithm
Login phase Registration phase
![Page 17: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/17.jpg)
Click point’s as passwordClick point’s as password
1st click 2nd click 3rd click 4th click 5th click …
Click point
![Page 18: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/18.jpg)
DATABASE
Database contains saved pictures and points.
Correct username
First picture stored in database during registration
Correct click pointGives the next image
Verification of click point
System gives 3 chances to The user for incorrect password
If the user exists 3 chances then the password system displays another picture which will be unrelated to the picture selected by the user during password creation
Last picture
![Page 19: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/19.jpg)
COMPARISION BETWEEN ALPHA-NUMERIC & GRAPHICAL PASSWORDS:
Commonly used guidelines for alpha-numeric passwords are: The password should be at least 8 characters long. The password should not be easy to relate to the user (e.g., last
name, birth date). Ideally, the user should combine upper and lower case letters and
digits and special characters.
Graphical passwords The password consists of some actions that the user performs on an
image. Such passwords are easier to remember & hard to guess.
![Page 20: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/20.jpg)
APPLICATION OF THE PICTURE APPLICATION OF THE PICTURE PASSWORD SYSTEMPASSWORD SYSTEM
SYSTEM LOG IN AND LOG OUT PROCESSSYSTEM LOG IN AND LOG OUT PROCESS
FOLDER LOCKINGFOLDER LOCKING
WEB LOG-IN APLLICATIONWEB LOG-IN APLLICATION
![Page 21: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/21.jpg)
ADVATAGES OF GRAPHICAL PASSWORDS
Graphical password schemes provide a way of making more human-friendly passwords .
Here the security of the system is very high.
Here we use a series of selectable images on successive screen pages.
Dictionary attacks are infeasible.
![Page 22: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/22.jpg)
SOLUTION TO SHOULDER SURFING PROBLEM
(1) TRIANGLE SCHEME
![Page 23: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/23.jpg)
FUTURE SCOPE
Shoulder surfing means watching over people's shoulders as they process information. Examples include observing the keyboard as a person types his or her password, enters a PIN number, or views personal information.
Because of their graphic nature, nearly all graphical password
schemes are quite vulnerable to shoulder surfing. It can be overwhelming by triangle scheme in further approach
![Page 24: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/24.jpg)
CONCLUSION
More difficult to break the graphical passwords from traditional attack methods:
Brute Force Search
Dictionary Attack
Or Spyware
By implementing other special geometric configurations like triangle & movable frame ,one can achieve more security especially shoulder surfing and physical attacks.
![Page 25: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/25.jpg)
REFERENCES
A.H. Lashkari, F.T., Graphical User Authentication (GUA).
2010: Lambert Academic Publisher.
Komanduri, S. and D.R. Hutchings, Order and Entropy in
Picture Passwords, in Canadian Information Processing
Society. 2008.
Hu , W., X. Wu, and G. Wei, The Security Analysis of
Graphical Passwords, in International Conference on
Communications and Intelligence Information Security. 2010.
![Page 26: A SECURE RECOGNITION BASED ON GRAPHICAL PASSWORD PRESENTED BY Dhanshri Agashe Guided By: Prof. S. Jain](https://reader035.vdocuments.mx/reader035/viewer/2022062717/56649e395503460f94b2b79e/html5/thumbnails/26.jpg)
ANY QURIES?