Copyright© cs-tutorial.com

CONTENTS Introduction

Authentication Schemes

Functionalities Required

3D Password selection and Input

Virtual Environment Design Guidelines

Applications

Security Analysis

Attacks and Countermeasures

Conclusion

INTRODUCTIONCommonly used authentication schemes are

textual passwords, graphical passwords and biometrics.

3D password is a multifactor authentication scheme.

To be authenticated, werequirea3Dvirtualenvironment.

Combines recognition-,recall-,token-,and biometrics-based systems.

Users choice to select the type of authentication technique.

AUTHENTICATION SCHEMES

KNOWLEDGE BASED Recall basedRecognition based

TOKEN BASEDeg : smart card

BIOMETRIC BASEDFingerprint ,palm prints ,hand geometry ,face

recognitionIntrusiveness upon a user’s personal

characteristics.GRAPHICAL PASSWORDS

Recognition basedRecall based

FUNCTIONALITIES REQUIRED

New scheme should combine the existing authentication schemes

Freedom to select the type of authentication technique.

Should provide secrets that are easy to remember ,difficult toguess.

3D PASSWORD SELECTION AND INPUT

3D environment space represented by the co-ordinates

User navigate into the 3D virtual environment using any input device.

The sequence of actions and interactions forms the users3D password.

Representation of user actions in the 3D virtual environment(10,24,91) Action=Open the office door;(10,24,91) Action=Close the office door;(4,34,18) Action= Typing,“F”;(4,34,18) Action= Typing,”A”;(4,34,18) Action= Typing,”L”;(4,34,18) Action= Typing,”C”;(4,34,18) Action= Typing,”O”;(4,34,18) Action= Typing,”N”;(10,24,80) Action= Pick up the pen;(1,18,80) Action= Drawing, point=(330,130).

Virtual Computer where user typing a textual password as a part of user’s 3D Password

Snapshot of a proof-of-concept virtual art gallery

State diagram of a 3D Password application

3D VIRTUAL ENVIRONMENT DESIGN GUIDELINES

Real-life similarity

Object uniqueness and distinction

Three-dimensional virtual environment

System importance

APPLICATIONS

Critical servers.

Nuclear and military facilities.

Airplanes and jetfighters.

ATMs, PDA’s, desktop computers and laptops.

SECURITY ANALYSIS

3D Password Space Size.

3D Password Distribution Knowledge.

ATTACKS AND COUNTERMEASURES

Brute Force Attack

Well-Studied Attack

Shoulder Surfing Attack

Timing Attack

CONCLUSIONCommonly used authentication schemes are

vulnerable to attacks.3D Password is a multifactor authentication

scheme.Design of 3D virtual environment, selection

of objects inside the environment, and the object type reflects the resulted password space.

User’s choice and decision to construct the desired and preferred 3D password