Graphical Authentication System
Keywords:
Authentication, Shoulder Surfing Attack, Encryption, Decryption, Login Indicator.Abstract
Image Authentication or captcha based on passwords is used largely in applications for computer and mobile security and privacy. People logs into web services and applications in public to access their personal and confidential accounts with their laptops, smartphones, tablets or public devices, like bank ATM. All these things bring great convenience but at the same time increase the risk of exposing passwords to unknowns by shoulder surfing attacks. A shoulder surfing is a kind of attack where attackers can observe directly or indirectly with the use of external recording devices to collect user’s credentials. To overcome this problem of shoulder surfing attacks, we propose an image-based authentication system along with encryption. With one-time valid login indicator / token, horizontal and vertical bars covering the entire scope of an image, proposed system offers no hint for attackers to figure out or narrow down password even when they conduct multiple camera based attention. In addition to this, the login indicator is completely random and valid only for short period of time. In addition to this to protect the mobile application from theft, only one email id is allowed per application and an easy-to-remember randomly generated password required for logging into the application is also sent to the user. This password is completely encrypted and valid only for single login.
References
- S. Sood, A. Sarje, and K. Singh, "Cryptanalysis of password authentication schemes: Current status and key issues ", in Method and Models in Computer Science, 2009. ICM2CS 2009. Proceeding of International Conference on, Dec 2009
- S. Gurav, L. Gawade, P. Rane, and N. Khochare, "Graphical password authentication: Cloud securing scheme," in Electronic Systems, Signal Processing and Computing Technologies (ICESC), 2014 International Conference on, Jan 2014
- I. Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin, "The design and analysis of graphical passwords," in Proceedings of the 8th conference on USENIX Security Symposium-Volume 8. USENIX Association, 1999
- S. Wiedenbeck, J. Waters, J. Birget, A. Brodskiy, and N. Memon, "Passpoints: Design and longitudinal evaluation of a graphical password system," International Journal of Human-Computer Studies,vol.63
- S. Brostoff and M. Sasse, "Are passfaces more usable than passwords? a field trial investigation," PEOPLE AND COMPUTERS
- T. Kwon, S. Shin, and S. Na, "Covert attentional shoulder surfing: Human adversaries are more powerful than expected," IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 44
- M. Kumar, T. Garfinkel, D. Boneh, and T. Winograd, "Reducing shoulder-surfing by using gaze-based password entry,’ in Proceedings of the 3rd symposium on Usable privacy and security. ACM, 2007
- L. Wang, X. Chang, Z. Ren, H. Gao, X. Liu ,and U. Aickelin, "Against spyware using captcha in graphical password scheme," in 24th IEEE International Conference on Advanced Information Networking and Applications. IEEE, 2010
Downloads
Published
Issue
Section
License
Copyright (c) IJSRSET
This work is licensed under a Creative Commons Attribution 4.0 International License.