ENSHROUDING OF PIN FROM SNOOPING USING STEGANOPIN AND BW METHOD
DOI:
https://doi.org/10.20894/IJMSR.117.009.002.003Keywords:
steganopin ,bw method ,shoulder surfingAbstract
Now a daysUsers typically reuse the same personalized identification number (PIN) for multiple times. Direct PIN entries are highly dangerous for shoulder surfing attackers can effectively observe PIN entry with hidden cameras. Indirect PIN entry methods proposed as countermeasures are rarely deployed because they demand a heavier brain stuff workload for users. To achieve security and usability, we present a practical indirect PIN entry method called SteganoPIN. The human–machine interface of SteganoPIN is two numeric keypads, one which is covered and the other open, designed mainly to block shoulder-surfing attacks. After locating a long-term PIN in the more typical layout ,through the covered permuted keypad, a user generates a one-time PIN that can safely be entered in plain view of attackers. Forty-eight participants were involved in investigating the PIN entry time and error rate of SteganoPIN. Our experimental manipulation used a within-subject factorial design with two independent variables: PIN entry system (standardPIN, SteganoPIN) and PIN type (system-chosen PIN, user-chosen PIN).The PIN entry time in SteganoPIN (5.4–5.7 s) was slower but acceptable, and the error rate (0–2.1%) was not significantly different from that of the standard PIN.
Downloads
References
[2] V. Roth, K. Richter, and R. Freidinger, ―A PIN-entry method resilient against shoulder surfing,‖ in Proc. ACMComput.Commun. Security, 2004, pp. 236–245.
[3] D. Weinshall, ―Cognitive authentication schemes safe against spyware,‖ in Proc. IEEE Symp. Security Privacy, 2006, pp. 295–300.
[4] A. De Luca, M. Langheinrich, and H. Hussmann, ―Towards understanding ATMsecurity—A field study of realworldATMuse,‖ in Proc. ACMSymp. Usable Privacy Security, 2010, pp. 1–10.
[5] H. J. Asghar, S. Li, J. Pieprzyk, and H. Wang, ―Cryptoanalysis of the convex hull click human identification protocol,‖ in Proc. 13th Int. Conf. Inf. Security, 2010, pp. 24–30.
[6] A. De Luca, E. von Zezschwitz, and H. Hussmann, ―Vibrapass – secure authentication based on shared lies,‖ in Proc. ACM CHI Conf. Human Factors Comput. Syst., 2009, pp. 913–916.
[7]A. Bianchi, I. Oakley, and D. Kwon, ―Spinlock: A single-cue haptic and audio PIN input technique for authentication,‖ in Proc. Haptic Audio Interaction Design, 2011, pp. 81–90.
[8] T. Perkovic, A. Mumtaz, Y. Javed, S. Li, S. A. Khayam, and M. Cagalj, ―Breaking undercover: Exploiting design flaws and nonuniform human behavior,‖ in Proc. 7th Symp. Usable Privacy Security, 2011, pp. 1–15.
[9] A. Bianchi, I. Oakley, V. Kostakos, and D. Kwon, ―The Phone Lock: Audio and haptic shoulder-surfing resistant PIN entry methods for mobile devices,‖ in Proc. 5th Int. Conf. Tangible, Embedded, Embodied Interaction, 2011, pp. 197–200
[10] D. Kim, P. Dunphy, P. Briggs, J. Hook, J. W. Nicholson, J. Nicholson, and P. Olivier, ―Multi-touch authentication on tabletops,‖ in Proc. ACM SIGCHI Conf. Human Factors Comput. Syst., 2010, pp. 1093–1102.
Downloads
Published
Issue
Section
License
Authors need to sign following agreement with International Journal of MC Square Scientific Research before publishing their articles:
- Authors need to return copyright form to Journal Editor-in-chief to proceed their articles for publication. Meantime, the journal licensed under a Creative Commons Attribution License, which permits other user to distribute the work with an acknowledgement of the authors for International Journal of MC Square Scientific Research.
- Authors are also able to share their separate, additional contractual arrangements for the non-restricted contribution of the journal with an acknowledgement of publication in International Journal of MC Square Scientific Research.
- Authors are allowed and encouraged to share their work during the submission process for increasing citation and exploring to increase the paper availability in worldwide way. The Effect of Open Access.
