Graphical Password Aunthenthication Using Ccp 3d Schema

Published Date: 02 Nov 2017

ABSTRACT

The most commonly method used for authentication is textual password. But now a day’s textual password are not more secure. Because users do not follow their requirements. Users tend to meaningful words from dictionaries, which make textual pass- words easy to break and vulnerable to dictionary or brute force attack Therefore for avoiding the limitation of textual password we are implementing Graphical password authentication using CCP and 3D schema. In CCP Users click on one point per image for a sequence of images. The next image is based on the previous click-point. And in 3D we present a 3-D virtual environment where the user navigates and interacts with various objects. The sequence of actions and interactions toward the objects inside the 3-D environment constructs the user’s 3-D password.

Keywords: Graphical Passwords, Computer Security, Authentication, Usable Security, User Study,3Ds password, 3D virtual environments.

INTRODUCTION

Authentication is the Process where identity of users is determined. For security purpose authentication is important for internet and non internet application. In daily purpose we are use textual passwords. The security weaknesses of using text based passwords for user authentication are well known still we use passwords to authenticate users. Current authentication systems suffer from many weaknesses. Because in this users do not follow their requirements. Users tend to choose meaningful words from dictionaries, which make textual passwords easy to break. And one important thing is that text based password is made up from normally A-Z, a-z.and 0-9 digit so probability of hack the password is more.

In this paper we implement a graphical password schema which is use as alternative to the text base password. .

Department of Computer Enggineering,

University of Pune,

JSPM Wagholi,Pune 412 207.

[email protected]

[email protected]

[email protected]

Research and experience have shown that text-based pass-Words are fraught with both usability and security problems that make them less than desirable solutions. Psychology studies have revealed that the human Brain is better at recognizing and recalling images than text for that reason we are implementing two graphical authentication techniques CCP and 3D password schema Graphical passwords can be divided into two categories as

Follows: 1) recognition based and 2) recall based. Various graphical password schemes have been proposed Graphical passwords are based on the idea that users can recall and recognize pictures better than words.

Cued click point (ccp) is one of the graphical password techniques. This technique divided into two part 1)ccp using single image 2)ccp using multiple image .In first i.e. ccp using single image the password consist of different click point as per user’s requirements in single image only .second technique i.e. ccp using multiple image password consist of one click-point per image for a sequence of images. The next image displayed is based on the previous click-point so users receive immediate implicit feedback as to whether they are on the correct path when logging in. CCP offers both improved usability and security.

3D password technique the 3-D password is a multifactor authentication scheme. It can combine all existing authentication schemes into a single 3-D virtual environment. This 3-D virtual environment contains several objects or items with which the user can interact. The type of interaction varies from one item to another. The 3-D password is constructed by observing the actions and interactions of the user and by observing the sequences of such actions. In 3d we also implement the actual 3d concept we shown it by four different techniques these techniques are 1]wire frame, 2]triangle ,3] wireframe +triangle ,4] polygon the snap shot of these as follows :

Fig 1. 3D Wireframe

Fig 2. 3D Triangle

Fig 3.3D Wireframe+Triangle

Fig 4. 3D Polygon

RELATED WORK

Click cued points and 3-D is a click-based graphical password scheme, a cued-recall graphical password technique. Various graphical password schemes have been proposed as alternatives to text-based passwords .It can be used as password for folder lock , web-driven applications , desktop lock etc.

In future it has great scope. It can be used everywhere instead of text-based password .We can increase the security of this system by increasing the number of levels used, the number of tolerance squares used.

The software should be developed according to the system. The user interface module should be developed in

such a way that the user can easily operate the system. The most important responsibility of developer is maintenance. He is responsible to give support to the customer when they are getting problem related to the software.

It has following additional features:1) Written in Java, so it runs on Mac OS, OS/2, UNIX, VMS and windows

2) Database is Mysql.

3) Highly user friendly and customizable

4) Different look and feel

The proposed Cued Click Points scheme shows promise as a usable and memorable authentication mechanism. By taking advantage of users’ ability to recognize images and the memory trigger associated with seeing a new image, CCP has advantages over Pass Points in terms of usability. Being cued as each images shown and having to remember only one click-point per image appears easier than having to remember an ordered series of clicks on one image.

CCP offers a more secure alternative to Pass Points. CCP increases the workload for attackers by forcing them to first acquire image sets for each user, and then conduct hotspot analysis on each of these images.

In future development we can also add challenge response interaction. In challenge response interactions, server will present a challenge to the client and the client need to give response according to the condition given. If the response is correct then access is granted. Also we can limit the number a user can enter the wrong password.

FIGURE

CCP IMAGE:

Fig.5. CCP passwords can be regarded as a choice-dependent path of images

As shown in Figure 1, each click results in showing a next-image, in effect leading users down a "path" as they click on their sequence of points. A wrong click leads down an incorrect path, with an explicit indication of authentication failure only after the final click. Users can choose their images only to the extent that their click-point dictates the next image. If they dislike the resulting images, they could create a new password involving different click-points to get different images.

3-D IMAGE:

3D Password

Fig 6.3D Architecture

The user will then interact with these properties accordingly. Each object in the 3D space, can be moved around in an (x,y,z) plane. That’s the moving attribute of each object. This property is common to all the objects in the space. Suppose a user logs in and enters the garage. He sees and picks a screw-driver (initial position in xyz coordinates (5,5,5)) and moves it 5 places to his right (in XY plane i.e. (10,5,5).That can be identified as an authentication.

ALGORITHME ANYLISIS

SHA-1

SHA-1 is the most widely used of the existing SHA-1 hash functions, and is employed in several widely used application and protocls.SHA-1 produces a 160 Bits message digest based on principles similar on to those used by Ronald L.Rivest of MIT in the design of the MD4 and MD5 message digest algorithm, But has a more conservative design.

DISTANCE FORMULA

In our project, whenever we select the password (enter the password)the image Will be appeared. After appearing image we select or click on first point. Then select second point, after this we apply distance formula. In distance Formula (x1, x2)are the co-ordinates of first click .and (x2,y2)are the co-ordinates of second click point.similarly,apply this distance Formula for other click.

CONCLUSION:

Being cued as each image is shown and having to remember only one click-point per image appears easier than having to remember an ordered series of clicks on one image. In our small comparison group, users strongly preferred CCP. We believe that CCP offers a more secure alternative to Pass Points. CCP increases the workload for attackers by forcing them to first acquire image sets for each user, and then conduct hotspot analysis on each of these images. This 3-D virtual environment contains several objects or items with which the user can interact. The type of interaction varies from one item to another. The 3-D password is constructed by observing the actions and interactions of the user and by observing the sequences of such actions.