3D PASSWORD

FOR MORE SECURE AUTHENTICATION

Presented By: Pallavi Shelke & Vidhya Chougule

EXISTING SYSTEM
Current authentication systems suffer from many weakness
Textual password are commonly used

Many available graphical passwords have a password space

that is less than or equal to the textual password space

Smart cards or tokens can be stolen Moreover, biometrics cannot be revoked. The 3Dpassword

is a multifactor authentication scheme

Three Basic Identification Methods of password

Possession

(Something I have)
Biometrics

(Something I am)
Knowledge

(Something I know)

Passphrase
Its nothing but the enhance version of password. Usually it is a combination of words or simply

collection of password in proper sequence is Passphrase. It contains any well known thought also. Length of Passphrase is about 30-50 character or more than that also. But it has also some limitations because 30-50 character is creates ambiguity to remember if there is no any proper sequence.

Biometrics
Refer to a broad range of technologies Automate the identification or verification of

an individual Based on human characteristics or body organs Physiological: Face, fingerprint, iris Behavioral: Hand-written signature, voice

Fingerrintingp

View of retinal scan

Voice

Eyes Face

Textual Password: From an research 25% of the password out of 15,000 users can guessed correctly by using brute force dictionary Graphical Password: Graphical passwords can be easily recorded as these schemas take a longtime One main drawback of applying biometric is its intrusiveness upon a users personnel characteristics They require special scanning device to authenticate the user which is not acceptable for remote and internet users

3D PASSWORD SCHEME
The 3D Password scheme is a new

authentication scheme that combine RECOGNITION + RECALL

+TOKENS
+BIOMETRIC (In one authentication system)

 The 3D password presents a virtual

environment containing various virtual objects The user walks through the environment and interact with the objects The 3D password is simply the combination and sequence of user interaction that occur in the 3D environment

BRIEF DESCRIPTION OF SYSTEM

The 3D password can combine most existing authentication such as

textual password, graphical password, and various types of biometrics in to a 3D virtual environment

SYSTEM IMPLEMENTATION
For example, the user can enter the virtual environment and type something on a computer that exists in (x1, y1, z1) position, then enter a room that has a fingerprint recognition device that exists in a position (x2, y2, z2) and provide his/her fingerprint. then, the user can go to the virtual garage, open the car door, and turn on the radio to a specific channel. The combination and the sequence of the previous actions toward the specific objects construct the users 3D password

FOR EXAMPLE:

Virtual Enviornment (Chess)

Virtual objects can be any object we encounter in real life: A computer on which the user can type A fingerprint reader that requires users fingerprint A paper or white board on which user can type A Automated teller (ATM) machine that requires a token A light that can be switched on/off A television or radio A car that can be driven A graphical password scheme

3D PASSWORD APPLICATION
The 3D password can have a password space that is very large compared to other authentication schemes, so the 3D passwords main application domains are protecting critical systems and resources. 1)Critical server
2) Nuclear and military facilities 3) Airplanes and jet fighters

In addition, 3D passwords can be used in less critical systems

A small virtual environment can be used in the following systems like 1) ATM

2) Personal Digital Assistance

3) Desktop Computers & laptop logins 4) Web Authentication

5) Security Analysis

STATE DAIGRAM

SECURITY ANALYSIS
3D Password space size 3D password distribution knowledge

ATTACKS AND COUNTERMEASURES

1)Brute Force Attack
2) Well-Studied Attack 3) Shoulder Surfing Attack 4) Timing Attack

CONCLUSION : 1.The user can decide his own authentication schemes. If he's comfortable with Recall and Recognition methods then he can choose the 3d authentication just used above. 2.The authentication can be improved since the unauthorized persons will not interact with the same object as a legitimate user would. We can also include a timer .Higher the security higher the time. 3.The 3D environment can change according to users request. 4.It would be difficult to crack using regular techniques .Since all the algorithms follow steps to authenticate ,our project has no fixed number of steps .Hence to calculate all those possibilities and decipher them is not easy. 5.Can be used in critical areas such as Nuclear Reactors, Missile Guiding Systems etc. 6.Added with biometrics and card verification ,the scheme becomes almost unbreakable.