ABSTRACT
User authentication is the most fundamental decision in designing secure systems and to organize majority of the attacks. Though alpha-numeric password and biometric based authentication methods are the most popular methods till date, they have been exposed to numerous attacks. As an alternative solution, various graphical-based password authentication schemes have been proposed. The efficiency of a graphical password is evaluated by its intensity of security and usability. Regardless of being many existing methods most were unsuccessful to accomplish both features concurrently. In this paper, we propose recognition based mutual authentication method with mirror-image encryption technique, based on images and text. The goal of this paper is to emphasize the enhancements on security and usability of existing graphical password schemes. The proposed method is resistant to most of existing attacks such as shoulder-surfing, secret camera etc.
- Dey, S., Sampalli, S., & Ye, Q. 2013. Message digest as authentication entity for mobile cloud computing. In IPCCC (pp. 1--6).Google Scholar
- Confident Technologies, FINAL whitepaper: When Passwords Aren't Enough.Google Scholar
- Adams, A., & Sasse, M. A. 1999. Users are not the enemy. Communications of the ACM, 42(12), 40--46. Google ScholarDigital Library
- Matyáš, V., & Říha, Z. (2002). Biometric authentication---security and usability. In Advanced Communications and Multimedia Security (pp. 227--239). Springer US. Google ScholarDigital Library
- Almuairfi, S., Veeraraghavan, P., & Chilamkurti, N. 2013. A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices. Mathematical and Computer Modelling, 58(1), 108--116.Google ScholarCross Ref
- Wiedenbeck, S., Waters, J., Birget, J. C., Brodskiy, A., & Memon, N. (2005, July). Authentication using graphical passwords: effects of tolerance and image choice. In Proceedings of the 2005 symposium on Usable privacy and security(pp. 1--12). ACM. Google ScholarDigital Library
- Stobert, E., & Biddle, R. 2013. Memory retrieval and graphical passwords. In Proceedings of the Ninth Symposium on Usable Privacy and Security (p. 15). ACM. Google ScholarDigital Library
- Lashkari, A. H., Gani, A., Sabet, L. G., & Farm, S. 2010. A new algorithm on Graphical User Authentication (GUA) based on multi-line grids. Scientific Research and Essays, 5(24), 3865--3875.Google Scholar
- Jermyn, I., Mayer, A. J., Monrose, F., Reiter, M. K., & Rubin, A. D. 1999. The Design and Analysis of Graphical Passwords. In Usenix Security. Google ScholarDigital Library
- Suo, X., Zhu, Y., & Owen, G. S. 2005. Graphical passwords: A survey. In Computer security applications conference, 21st annual (pp. 10--pp). IEEE. Google ScholarDigital Library
- G. E. Blonder, Graphical passwords, in United States Patent, vol. 5559961, 1996.Google Scholar
- Takada, T., & Koike, H. 2003. Awase-E: Image-based authentication for mobile phones using user's favorite images. In Human-computer interaction with mobile devices and services (pp. 347--351). Springer Berlin Heidelberg.Google Scholar
- Farnaz Towhindi and Azizah Abdul Manafi, An Enhancement on Paasface Graphical Password Authentication, Universiti Technology Malaysia (UTM), J. Basic. Appl. Sci. Res., 3(2)135--141, 2013.Google Scholar
- Davis, D., Monrose, F., & Reiter, M. K. 2004. On User Choice in Graphical Password Schemes. In USENIX Security Symposium (Vol. 13, pp. 11--11). Google ScholarDigital Library
- Meng, Y. (2012, June). Designing click-draw based graphical password scheme for better authentication. In Networking, Architecture and Storage (NAS), 2012 IEEE 7th International Conference on (pp. 39--48). IEEE. Google ScholarDigital Library
- Golofit, K. (2007). Click passwords under investigation. In Computer Security-ESORICS 2007 (pp. 343--358). Springer Berlin Heidelberg. Google ScholarDigital Library
- Nali, D., & Thorpe, J. (2004). Analyzing user choice in graphical passwords. School of Computer Science, Carleton University, Tech. Rep. TR-04-01.Google Scholar
- Ugochukwu, E. E. K., & Jusoh, Y. Y. 2013. A review on the graphical user authentication algorithm: recognition-based and recall-based. International Journal of Information Processing and Management, 4(3), 238--252.Google ScholarCross Ref
- Biddle, R., Chiasson, S., & Van Oorschot, P. C. 2012. Graphical passwords: Learning from the first twelve years. ACM Computing Surveys (CSUR), 44(4), 19. Google ScholarDigital Library
Index Terms
- Implicit graphical password mutual authentication using mirror-image encryption
Recommendations
Authentication using alignment of the graphical password
ICAICR '19: Proceedings of the Third International Conference on Advanced Informatics for Computing ResearchGraphical password authentication is an alternate and yet evolving type of authentication in this current era, it is either recall or recognition based. User will either reproduce the image or recognize the images which was used or produced during the ...
Cryptanalysis of nonce-based mutual authentication scheme using smart cards
ICHIT'11: Proceedings of the 5th international conference on Convergence and hybrid information technologyRecently, many user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication process. In 2008, Liu et al. proposed a new mutual authentication scheme using smart cards which is based on nonce ...
Robust smart-card-based remote user password authenticationscheme
Smart-card-based remote user password authentication schemes are commonly used for providing authorized users a secure method for remotely accessing resources over insecure networks. In 2009, Xu etal. proposed a smart-card-based password authentication ...
Comments