Copyright© cs-tutorial.com CONTENTS Introduction Authentication Schemes Functionalities Required 3D Password selection and Input Virtual Environment Design Guidelines Applications Security Analysis Attacks and Countermeasures Conclusion INTRODUCTION Commonly used authentication schemes are textual passwords, graphical passwords and biometrics. 3D password is a multifactor authentication scheme. To be authenticated, werequirea3Dvirtualenvironment. Combines recognition-,recall-,token-,and biometrics- based systems. Users choice to select the type of authentication technique. AUTHENTICATION SCHEMES KNOWLEDGE BASED Recall based Recognition based TOKEN BASED eg : smart card BIOMETRIC BASED Fingerprint ,palm prints ,hand geometry ,face recognition Intrusiveness upon a user’s personal characteristics. GRAPHICAL PASSWORDS Recognition based Recall based FUNCTIONALITIES REQUIRED New scheme should combine the existing authentication schemes Freedom to select the type of authentication technique. Should provide secrets that are easy to remember ,difficult toguess. 3D PASSWORD SELECTION AND INPUT 3D environment space represented by the co-ordinates User navigate into the 3D virtual environment using any input device. The sequence of actions and interactions forms the users3D password. Representation of user actions in the 3D virtual environment (10,24,91) Action=Open the office door; (10,24,91) Action=Close the office door; (4,34,18) Action= Typing,“F”; (4,34,18) Action= Typing,”A”; (4,34,18) Action= Typing,”L”; (4,34,18) Action= Typing,”C”; (4,34,18) Action= Typing,”O”; (4,34,18) Action= Typing,”N”; (10,24,80) Action= Pick up the pen; (1,18,80) Action= Drawing, point=(330,130). Virtual Computer where user typing a textual password as a part of user’s 3D Password Snapshot of a proof-of-concept virtual art gallery State diagram of a 3D Password application 3D VIRTUAL ENVIRONMENT DESIGN GUIDELINES Real-life similarity Object uniqueness and distinction Three-dimensional virtual environment System importance APPLICATIONS Critical servers. Nuclear and military facilities. Airplanes and jetfighters. ATMs, PDA’s, desktop computers and laptops. SECURITY ANALYSIS 3D Password Space Size. 3D Password Distribution Knowledge. ATTACKS AND COUNTERMEASURES Brute Force Attack Well-Studied Attack Shoulder Surfing Attack Timing Attack CONCLUSION Commonly used authentication schemes are vulnerable to attacks. 3D Password is a multifactor authentication scheme. Design of 3D virtual environment, selection of objects inside the environment, and the object type reflects the resulted password space. User’s choice and decision to construct the desired and preferred 3D password