250 likes | 687 Views
The Design and Analysis of Graphical Passwords. Ian Jermyn New York University. Alain Mayer, Fabian Monrose, Michael K.Reiter Bell Labs, Lucent Technologies. Aviel D.Rubin AT&T Labs-Research. Presenter : Ta Duy Vuong taduyvuo@comp.nus.edu.sg. OUTLINE. Introduction
E N D
The Design and Analysis of Graphical Passwords Ian Jermyn New York University Alain Mayer, Fabian Monrose, Michael K.Reiter Bell Labs, Lucent Technologies Aviel D.Rubin AT&T Labs-Research Presenter : Ta Duy Vuong taduyvuo@comp.nus.edu.sg
OUTLINE • Introduction • Textual Passwords with Graphical Assistance • Purely Graphical Passwords • Other graphical password scheme • Summary • References
1.INTRODUCTION • Passwords: method of choice for user authentication. • In practice, passwords are susceptible to attacks. • Exploit features of graphical input displays to achieve better security.
1.INTRODUCTION • Used for any devices with graphical input display • Primarily for PDAs: Palm Pilot, HP iPAQ,…
1.INTRODUCTION • Observation: temporal order & position • Textual password input via keyboard: • Graphical password simplepass 123456789
2.TEXT WITH GRAPHICAL ASSISTANCE GRAPHICAL PASSWORD TEXTUAL PASSWORD WITH GRAPHICAL ASSISTANCE DRAW-A-SECRET SCHEME
2.TEXT WITH GRAPHICAL ASSISTANCE • Use textual passwords augmented by some graphical capabilities. • Aim: to decouple temporal order & position of input.
Conventional 2.TEXT WITH GRAPHICAL ASSISTANCE • Example: password is “tomato”. • Usual way of input:
2.TEXT WITH GRAPHICAL ASSISTANCE With graphical assistance
2.TEXT WITH GRAPHICAL ASSISTANCE • Formally: • k : number of characters in password • A : set of allowed characters • m : number of positions (m>=k) • Textual : f = {1,…,k} A • Graphical : f’ = {1,…,k} A x {1,…,m}
2.TEXT WITH GRAPHICAL ASSISTANCE • One k-character conventional password yields: m!/(m-k)! graphical passwords Ex: Password is “ILoveNus” • k=8 (characters) • Choose m=10 (positions) approximately 1.8 x 106graphical passwords
3.DRAW-A-SECRET (DAS) SCHEME GRAPHICAL PASSWORD TEXTUAL PASSWORD WITH GRAPHICAL ASSISTANCE DRAW-A-SECRET SCHEME
3.DRAW-A-SECRET (DAS) SCHEME 3.1 Introduction • Password is picture drawn on a grid. • Users freed from having to remember alphanumeric string. • What is good about picture-based password?
3.DRAW-A-SECRET (DAS) SCHEME 3.2 Password input (2,2) (3,2) (3,3) (2,3) (2,2) (2,1) (5,5) (5,5) is pen-up indicator
Sequence of coordinates of password P Hashed using SHA-1 Key k Derived to make keys Triple-DES 3.DRAW-A-SECRET (DAS) SCHEME 3.3 Encryption Tool for PDA • Use Triple-DES to encrypt/decrypt data stored on PDA Process of making keys for Triple-DES
Sequence of coordinates P Sequence of coordinates P’ Hashed using SHA-1 Hashed using SHA-1 Key k Key k’ Ek(P) restult=Dk’(Ek(P)) Store Ek(P) ressult = P ?? Process of setting password Process of verifying password 3.DRAW-A-SECRET (DAS) SCHEME 3.3 Encryption Tool for PDA
3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme • Textual passwords are susceptible to attacks because: • Users do not choose passwords uniformly. • Attackers have significant knowledge about the • distribution of user passwords (users often choose passwords based their own name…) • information about gross properties (words in English dictionary are likely to be chosen)
3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme • Knowledge about the distribution of user password is essential to adversary. • DAS scheme gives no clues about user choice of passwords. • Harder to collect data on PDAs than networked computers.
3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme • Size of Password space: • Lmax P : password • ∏(Lmax,G) = ∑ P(L,G) Grid size GxG • L=1 L : length of password • Lmax : maximum length of password • l=L N: number of strokes • P(L,G) = ∑ P(L-l,G)N(lG) l : length of stoke • l=1 • N(l,G) = ∑ n(x,y,l,G) n : number of strokes of length l • (x,y)∈[1..G]x[1..G](x,y) : ending cell
3.DRAW-A-SECRET (DAS) SCHEME 3.4 Security of the DAS Scheme • New password scheme cannot be proven better than old scheme because of human factor ! • However, above table shows raw size of graphical password space surpasses that of textual passwords.
4. Another graphical password scheme • To login, user is required to click within the circled red regions (chosen when created the password) in this picture. The choice for the four regions is arbitrary • Known since the mid 1990s, starting with G.Blonder in his paper “Graphical Passwords”
5. SUMMARY • Textual passwords with graphical assistance: conventional passwords equipped with graphical capabilities. • Improvements over textual passwords: • Decouple positions of input from temporal order • Larger password space
5. SUMMARY • Draw-A-Secret (DAS) Scheme: • Pictures are easier to remember • Attackers have no knowledge of the distribution of passwords • Larger password space • Decouple position of inputs from temporal order
6. REFERENCES • “The Design and Analysis of Graphical Passwords” by Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K.Reiter, Aviel D.Rubin • “Graphical passwords” by Leonardo Sobrado, Jean-Camille Birget, Department of Computer Science, Rutgers University • “Graphical Dictionaries and the Memorable Space of Graphical Passwords” by Julie Thorpe, P.C. van Oorschot • “Human Memory and the Graphical Password” by David Bensinger, Ph.D. • “Passwords: the weakest link?” CNET News.com