GRAPHICAL CRYPTOGRAPHIC VERIFICATION SYSTEM
DOI:
https://doi.org/10.20894/IJMSR.117.009.001.036Keywords:
Graphical Cryptographic, Graphical password, input, live video, observation, user study.Abstract
A Graphical Cryptographic Verification System that restores the static digital pictures naturally used in graphical password systems with personalized physical tokens, here in the form of digital pictures showed on a physical user-owned device such as a mobile phone. Users present these pictures to a scheme camera and then enter their password as a sequence of selections on live video of the token. Extremely distinctive optical characteristics are extracted from these selections and utilized as the password. We present three probability studies of examining its consistency, usability, and safety against surveillance. The consistency study Graphical Cryptographic Verification System demonstrates that image-feature based passwords are viable and suggests appropriate system thresholds password items should include a minimum of seven features, 40% of which must geometrically equal unique stored on an authentication server in order to be moderator equivalent. The usability study calculates task completion times and error rates, revealing these to be 7.5 s and 9%, broadly comparable with preceding graphical password systems that use static digital images. In the end, the safety study highlights Graphical Cryptographic Verification System conflict to observation attack three attackers are able to compromise a password using shoulder surfing, camera based observation, or malware. These results indicate that Graphical Cryptographic Verification System shows promise for safety while maintaining the usability of current graphical password schemes.
Downloads
References
[2] D. Davis, F. Monrose, and M. Reiter, “On user choice in graphical password schemes,” in Proc. USENIX Security, pp. 1–11, 2004.
[3] I. Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin, “The design and analysis of graphical passwords,” in Proc. 8th USENIX Security Symp., pp. 1–15, 1999.
[4] H. Tao and C. Adams, “Pass-Go: A proposal to improve the usability of graphical passwords,” Int. J. Netw. Security, vol. 7, no. 2, pp. 273–292, 2008.
[5] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, “PassPoints: Design and longitudinal evaluation of a graphical password system,” Int. J. HCI, vol. 63, pp. 102–127, Jul. 2005.
[6] P. C. van Oorschot and J. Thorpe, “On predictive models and user-drawn graphical passwords,” ACM Trans. Inf. Syst. Security, vol. 10, no. 4, pp. 1–33, 2008.
[7] K. Golofit, “Click passwords under investigation,” in Proc. ESORICS, pp. 343–358, 2007.
[8] A. E. Dirik, N. Memon, and J.-C. Birget, “Modeling user choice in the passpoints graphical password scheme,” in Proc. Symp. Usable Privacy Security, pp. 20–28, 2007.
[9] J. Thorpe and P. C. van Oorschot, “Human-seeded attacks and exploiting hot spots in graphical passwords,” in Proc. USENIX Security, pp. 103–118, 2007.
[10] P. C. van Oorschot, A. Salehi-Abari, and J. Thorpe, “Purely automated attacks on passpoints-style graphical passwords,” IEEE Trans. Inf. Forensics Security, vol. 5, no. 3, pp. 393–405, Sep. 2010.
[11] D. Weinshall, “Cognitive authentication schemes safe against spyware,” in Proc. IEEE Symp. Security Privacy, pp. 300–306, May 2006.
[12] L. von Ahn, M. Blum, N. J. Hopper, and J. Langford, “CAPTCHA: Using hard AI problems for security,” in Proc. Eurocrypt, pp. 294–311, 2003.
[13] S. Chiasson, A. Forget, R. Biddle, and P. C. van Oorschot, “Influencing users towards better passwords: Persuasive cued click-points,” in Proc. Brit. HCI Group Annu. Conf. People Comput., Culture, Creativity, Interaction, vol. 1., pp. 121–130, 2008.
[14] B. Pinkas and T. Sander, “Securing passwords against dictionary attacks,” in Proc. ACM CCS, pp. 161–170, 2002. [15] P. C. van Oorschot and S. Stubblebine, “On countering online dictionary attacks with login histories and humans-in-the-loop,” ACM Trans. Inf. Syst. Security, vol. 9, no. 3, pp. 235–258, 2006.
Downloads
Published
Issue
Section
License
Authors need to sign following agreement with International Journal of MC Square Scientific Research before publishing their articles:
- Authors need to return copyright form to Journal Editor-in-chief to proceed their articles for publication. Meantime, the journal licensed under a Creative Commons Attribution License, which permits other user to distribute the work with an acknowledgement of the authors for International Journal of MC Square Scientific Research.
- Authors are also able to share their separate, additional contractual arrangements for the non-restricted contribution of the journal with an acknowledgement of publication in International Journal of MC Square Scientific Research.
- Authors are allowed and encouraged to share their work during the submission process for increasing citation and exploring to increase the paper availability in worldwide way. The Effect of Open Access.