CHESS GAME AS A TOOL FOR AUTHENTICATION SCHEME

 
International Journal of Scientific Research Engineering & Technology (IJSRET)
Volume 1 Issue4 pp 076-083      July 2012                         www.ijsret.org           ISSN 2278 - 0882

Sandeep Kumar Pandey
Department of Information Technology
Institute of Technology and Management
Gorakhpur (U.P), India
sandeeppandey8137@gmail.com

ABSTRACT
The first phase of information security is authentication, and the main concern for authentication is the memorability of the password and of the rules used for authentication. The most commonly used scheme is the textual scheme. However, a strong textual password is hard to memorize, and normal passwords are vulnerable to many attacks. Hence, graphical authentication schemes have been proposed as an alternative, motivated particularly by the fact that humans can remember images better than text. However, these are vulnerable to shoulder-surfing attacks. To overcome this problem, many grid-based authentication schemes have been proposed. But either their shoulder-surfing resistance is not strong or they have many complex rules, which are hard to memorize. Hence, to overcome these problems, we propose an authentication scheme based on the game of chess. Since this scheme contains only two rules of chess, it is easy to memorize.

Keywords: Session password, Password pair, Memorability, Rook rule, Bishop Rule.

I. INTRODUCTION
The most commonly used scheme is the textual scheme. In this scheme, a simple string is used as the password. However, a strong textual password is hard to memorize, and normal passwords are vulnerable to many attacks such as hidden-camera attacks, shoulder-surfing attacks, brute-force attacks, etc. To increase the memorability of passwords, graphical password schemes have been proposed. These are based on the fact that humans can remember images better than text; hence the capability of the password is increased. But these are also vulnerable to many attacks such as shoulder surfing and hidden cameras. To overcome these problems, biometric systems and textual-graphical schemes have been proposed. But the devices of biometric systems are too costly, and textual-graphical methods either force the user to memorize too many text strings and rules or their shoulder-surfing resistance is not strong. To overcome these problems, we propose a textual-graphical authentication scheme based on certain rules of the game of chess. It is based on the fact that an estimated 600 to 700 million people worldwide know how to play chess [1]. Hence it is easier for users to use this scheme, because it is based on certain rules of a game played worldwide, and users who do not know the game can easily memorize these rules, because they are interesting rules of a game. This authentication scheme is therefore proposed to increase the capability of strong passwords and the security of the user, because high capability of a scheme is mainly based on memorability. This scheme increases not only memorability but also usability, because it is based on a game played worldwide. The proposed authentication scheme will strongly resist many attacks such as shoulder surfing, brute-force attacks, dictionary attacks, password stealing, hidden cameras and random-click attacks. This paper is organized as follows. In Section 2, related work is discussed. In Section 3, the authentication scheme based on the tool and its enhanced variants are proposed. Section 4 presents the analysis and discussion. Section 5 presents the user study and Section 6 presents the conclusion.

II. RELATED WORK
In old times, watchwords were used to secure communication between soldiers. Through these they would challenge anyone who wished to enter their territory. After some time, it became necessary to transmit these watchwords in a very secure way [2]. Alphanumeric passwords were first introduced in the 1960s as a solution to security issues and became the most commonly used password scheme. These are easy to use but vulnerable to many attacks such as dictionary attacks, shoulder surfing, etc. These attacks take very little time to break alphanumeric or textual passwords. According to Adams and Sasse [3], users tend to choose short and/or guessable passwords which are easy to use and memorize, and these user behaviours make the authentication scheme vulnerable. But they also came to the conclusion that system developers and operators can move beyond blaming users towards developing security systems that users can actually
use. Hence, many graphical schemes have been proposed as an alternative to conventional text-based schemes. These schemes are based on the fact that humans can remember images better than textual passwords, and on the assumption that images are worth much more than text (Shepard [4]). Blonder [5] designed a graphical password scheme in which a password is created by having the user click on several locations; during authentication, the user must click on the pre-defined locations of the image. Wiedenbeck et al. [6, 7, 8] proposed the “Pass Point” system. This system extended Blonder’s idea by allowing arbitrary images to be used and eliminating the predefined boundaries. Hence, a user can click on any place on an image (as opposed to some pre-defined areas) to create his/her password. In this system, a tolerance is calculated around each chosen pixel. During authentication, the user must click within the tolerance of the chosen pixels.

Dhamija and Perrig [9] proposed a graphical authentication scheme where the user has to identify predefined images to prove his/her authenticity. In this system the user selects a certain number of images from a set of pictures during registration. Later, during login, the user has to identify the pre-selected images from a set of images. Passface [10] is a technique based on the assumption that people can recall human faces from a face database as their future password. In this authentication scheme, the user is presented with a grid of nine faces, consisting of one face previously chosen by the user and eight decoy faces. The user recognizes the face and clicks anywhere on the known face. Since there are four user-selected images, this is done four times. Davis et al. [11] proposed a graphical authentication scheme that used images instead of faces. Weinshall and Kirkpatrick [12] proposed several authentication schemes such as pseudo-word recognition, object recognition and picture recognition. They conducted many user studies on these recognition tasks and came to the conclusion that pictures are more effective than the other two proposed schemes.

Jermyn et al. [13] proposed a technique called “Draw A Secret (DAS)”, where the user is required to re-draw a predefined picture on a 2D grid. The coordinates of this drawing on the grid are stored in order. For valid authentication the user has to redraw the image so that it touches all coordinates of the image in the same sequence. Some further research based on DAS was conducted [14, 15, 16]. Goldberg [17] designed a technique known as “pass doodle”. In this graphical authentication scheme, a stylus is used to draw a handwritten design or text onto a touch-sensitive screen. They came to the conclusion that order should be neglected, because the order in which the password is drawn introduces too much complexity. S. Jansen [18, 19] proposed a graphical password authentication scheme for mobile devices. During password creation in the registration phase, a user selects a theme consisting of thumbnail-size photos and sets a sequence of pictures as the password. But the password space of this scheme is not large because the number of images is limited to 30. Syukri [20] developed a technique where authentication is done by drawing the user's signature with the mouse. But the main problem associated with this scheme is that drawing with a mouse is not familiar to many people, because it is difficult to draw the signature in the same coordinates or same perimeters as at the time of registration.

Man et al. [21] proposed another shoulder-surfing resistant algorithm in which the user selects a number of pictures as pass-objects. Each pass-object has several variants and each variant is assigned a unique code. During authentication, the user is challenged with several scenes. Each scene contains several pass-objects and many decoy objects. The user has to type in a string with the unique codes corresponding to the pass-object variants present in the scene, as well as a code indicating the relative location of the pass-objects in reference to a pair of eyes. The common weakness of all these graphical password authentication schemes is that they are vulnerable to shoulder-surfing attacks. Hong et al. [22] later extended this approach to allow users to assign their own codes to pass-object variants. Haichang et al. [23] proposed a new shoulder-surfing resistant scheme, where the user is required to draw a curve across their password images in order rather than clicking on them directly. However, these graphical schemes have complex rules to memorize or their shoulder-surfing resistance is not strong. More graphical password schemes have been summarized in a recent survey paper [24].

To make password schemes shoulder-surfing resistant, many biometric and textual-graphical schemes have been proposed. But the devices of biometric systems are too costly; hence their usability is low. Zhao and Li [25] proposed a shoulder-surfing resistant scheme, “S3PAS”. In this scheme the user creates a textual password during registration and makes combinations of three pass-characters. The user then uses these pass-characters to make the session password by clicking inside the triangle formed by these pass-characters in a displayed grid. The main problem of this scheme is that it contains three click-rules; hence it forces the user to memorize too many rules. M Srilatha et al. [26] proposed two authentication schemes for session passwords using color and images. In the pair-based authentication scheme, the user makes a textual password in the registration phase and uses this password to make pass pairs. The first symbol of a pass pair is used to select the row and the second symbol is used to select the column on the
displayed grid, and the intersection of row and column is the session password for the login phase. The main problem with this scheme is that the length of the textual password should be even and there should be no pass pair with both symbols identical, e.g. “SS”. In the hybrid textual authentication scheme, the user has to rate the colors. The first color of every pair in the color grid represents the row and the second represents the column of the number grid. The number at the intersection of the row and column of the grid is part of the session password. However, this method forces the user to memorize the color rating and is not applicable to color-blind users.

To increase usability, many authentication schemes based on games have been proposed. Hai Tao and Adams [27] proposed a graphical scheme, “Pass-Go”, based on an ancient game. As the name implies, Pass-Go is a grid-based scheme. However, unlike DAS, Pass-Go requires a user to select (or touch) intersections instead of cells as a way to input a password. Consequently, the coordinate system refers to a matrix of intersections, rather than cells as in DAS. Malempati and Mogalla [28] proposed an authentication scheme based on an ancient Indian game. This scheme increases usability as well as memorability compared with other graphical schemes. But the main drawback of these two schemes is that they are vulnerable to shoulder-surfing attacks, and to overcome this problem they perform some mapping through which they make the session password. These extra mappings not only increase complexity but also decrease memorability and usability, because the user has to remember many rules.

III. AUTHENTICATION SCHEME USING “CHESSGAME”
This authentication scheme contains three phases: Registration, Login and Verification. In the registration phase, the user has to submit his/her user name and password. The minimum length of the password should be 7. In the login phase, a grid interface (10×10 or 12×12) is displayed, through which the user has to make his session password using certain rules of chess (i.e. the Bishop rule and the Rook rule). The verification phase verifies the user's password and allows him/her to access the account. The two chess pieces whose rules are used in this authentication scheme are the Bishop and the Rook. In chess, the Bishop can move any number of squares diagonally, and the Rook can move any number of squares along any rank or file, i.e. any number of squares vertically or horizontally. I call this the Rook rule. The movements of the Bishop and the Rook are shown in Figure 1(a) and 1(b) respectively.

Fig. 1(a). Bishop Movement    Fig. 1(b). Rook Movement

For Bishop movement, I always select the longest diagonal. This is called the Bishop rule. To make it easy for the user to select the longest diagonal, we divide the grid into four quadrants and give a direction to each quadrant. Hence, for Bishop movement, the user has to see which quadrant the symbol of his/her original password is in, and then select the movement according to the direction given for that quadrant. The following figure (Figure 2) shows the quadrants and their directions on the grid.

Figure 2. Quadrants and respective direction for selecting longest diagonal in Bishop Rule

3.1. Notation
The following notation is used throughout the paper for analysis and discussion.

    S: Set of all printable symbols which are used in the grid.
    |S|: Total number of printable symbols in the grid.
    K: Original password, which is a special combination of printable symbols.
    |K|: Total number of printable symbols in the original password.
    |P|: Total number of priority sets.
    |L|: Length of the session password in the Enhanced scheme (i.e. based on the priority set).

3.2. Basic Authentication Scheme
This scheme contains mainly two variants, which are designed for different security levels and environments. The basic authentication scheme is one of them. In the registration phase, the user has to submit his password just like a conventional textual password, i.e. K. This password is known as the original password, and the user has to memorize it. In this scheme, the user has to consider his original password in terms of pairs of symbols, or pass pairs. To generate the pass pairs, let us take K as the sequence of characters K1, K2, K3, ..., Km, m = |K| (where K1 is the first symbol of string K, K2 is the second symbol, K3 is the third symbol and so on). The first pair is K1K2, the second is K3K4 and so on. If |K| is odd then the last pair is K1Km. The first symbol of a pass pair is used for the Bishop rule, and the second symbol is used for the movement of the Rook in the vertical direction. The common square of these movements (i.e. the symbol at the intersection of these movements) is the session password. If there is no common square, then move the Rook in the horizontal direction. If both symbols of a pass pair are identical then, using the Bishop rule, select the third-next symbol from the symbol of the pass pair (i.e. for the top two quadrants, going downward along the diagonal, and for the other two quadrants, going upward) as the session password.

To show the login process, let us take an example. I assume that the user Bob’s original password K is “SANDEE1”. Since the length of the password is |K| = 7, based on the Basic authentication scheme rule, Bob has to click four times correctly in the right sequence to be authenticated. Since |K| is odd, the first three pass pairs in order are “SA”, “ND”, “EE” and the last is “S1”. The login procedure consists of the following four steps and is also shown in Figure 3(a) to (d).

Figure 3(a). Common square for “SA” pass pair
Figure 3(b). Common square for “ND” pass pair
Figure 3(c). Square for “EE” pass pair

    1. Bob finds the characters of his pass pair, “S” and “A”. Since the movement through the Bishop rule and the vertical movement of the Rook do not intersect, we move the Rook horizontally and take the common square of the movements as the session character (i.e., “R”).
    2. Bob finds the characters of his pass pair, “N” and “D”. Since the movement through the Bishop rule and the vertical movement of the Rook have a common square, he clicks or inputs the session character (i.e., “j”).
    3. Bob finds the characters of his pass pair, “E” and “E”. Since they are identical, he clicks on the third-next symbol from the character of the pass pair along the diagonal using the Bishop rule, or inputs the session character (i.e., “b”).
    4. Bob finds the characters of his pass pair, “S” and “1”. Since the movement through the Bishop rule and the vertical movement of the Rook have a common square, he clicks or inputs the session character (i.e., “L”).
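
The pairing and movement rules of Section 3.2, worked through in Python as an added example (this is not code from the paper). The symbol set and grid layout are constructed, the horizontal direction of the longest diagonal is an assumption because Figure 2 is not reproduced in the text, and the paper does not say what happens when neither Rook move meets the diagonal, so the code returns None in that case.

```python
import string
from typing import List, Optional, Tuple

N = 10  # grid side; the paper uses 10x10 or 12x12
# Constructed symbol set: 100 distinct printable symbols for a 10x10 grid.
SYMBOLS = (string.ascii_uppercase + string.ascii_lowercase + string.digits
           + string.punctuation + "£€¥§±µ")


def constructed_grid() -> List[str]:
    """Constructed sample layout: symbol i sits in cell (11*i + 25) mod 100.
    A real login screen would draw a fresh random layout at every login."""
    cells = [""] * (N * N)
    for i, sym in enumerate(SYMBOLS):
        cells[(11 * i + 25) % (N * N)] = sym
    return ["".join(cells[r * N:(r + 1) * N]) for r in range(N)]


def pass_pairs(k: str) -> List[Tuple[str, str]]:
    """K1K2, K3K4, ...; when |K| is odd the last pair is K1Km (Section 3.2)."""
    pairs = [(k[i], k[i + 1]) for i in range(0, len(k) - 1, 2)]
    if len(k) % 2:
        pairs.append((k[0], k[-1]))
    return pairs


def locate(grid: List[str], sym: str) -> Tuple[int, int]:
    """Row and column of a symbol on the displayed grid."""
    for r, row in enumerate(grid):
        c = row.find(sym)
        if c >= 0:
            return r, c
    raise ValueError(f"symbol {sym!r} is not on the grid")


def bishop_ray(grid: List[str], r: int, c: int) -> List[Tuple[int, int]]:
    """Squares on the longest diagonal leaving (r, c), nearest first.
    From the paper: top quadrants move downward, bottom quadrants upward.
    ASSUMPTION (Figure 2 is not in the text): the move also heads toward the
    far side horizontally, which is what makes the diagonal the longest one."""
    n = len(grid)
    dr = 1 if r < n // 2 else -1
    dc = 1 if c < n // 2 else -1
    ray = []
    r, c = r + dr, c + dc
    while 0 <= r < n and 0 <= c < n:
        ray.append((r, c))
        r, c = r + dr, c + dc
    return ray


def session_char(grid: List[str], first: str, second: str) -> Optional[str]:
    """Session symbol for one pass pair, or None where the rules give no square."""
    ray = bishop_ray(grid, *locate(grid, first))
    if first == second:                      # identical pair: third-next symbol
        return grid[ray[2][0]][ray[2][1]] if len(ray) >= 3 else None
    r2, c2 = locate(grid, second)
    for r, c in ray:                         # Rook moved vertically: its file
        if c == c2:
            return grid[r][c]
    for r, c in ray:                         # fallback: Rook moved horizontally
        if r == r2:
            return grid[r][c]
    return None                              # case the paper leaves unspecified


def session_password(grid: List[str], k: str) -> str:
    """Session password for original password k on the displayed grid."""
    if len(k) < 7:
        raise ValueError("the paper requires a password of at least 7 symbols")
    out = []
    for a, b in pass_pairs(k):
        ch = session_char(grid, a, b)
        if ch is None:
            raise ValueError(f"no common square for pass pair {a}{b} on this grid")
        out.append(ch)
    return "".join(out)


def undefined_pairs(grid: List[str]) -> int:
    """Ordered pairs of distinct symbols where neither Rook move meets the diagonal."""
    syms = "".join(grid)
    return sum(1 for a in syms for b in syms
               if a != b and session_char(grid, a, b) is None)


if __name__ == "__main__":
    grid = constructed_grid()
    print("\n".join(" ".join(row) for row in grid))
    print("pass pairs:", pass_pairs("SANDEE1"))
    print("session password:", session_password(grid, "SANDEE1"))
    print("undefined ordered pairs:", undefined_pairs(grid), "of", N * N * (N * N - 1))
```

On this constructed grid Bob's “SANDEE1” yields “UMBX” rather than the paper's “RjbL”, because the grid of Figure 3 is not reproduced in the text; here the pair “ND” is the one that needs the horizontal Rook fallback.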

Figure 3(d). Square for “S1” pass pair

In this example, Bob’s original password is “SANDEE1”, and his session password is four clicks in sequence or the printable password “RjbL”. He has to click four times using the chess rules (i.e. the Bishop and Rook rules) or input the session password “RjbL” to be authenticated.

3.3 Enhancement
We increase the N in grid by using images instead of text in the grid layout. The increase in |S| decreases not only the success probability of a random-click attack but also the success probability of guessing, because |S| is inversely correlated with both (see Section 4). Hence it will increase not only capability but also security.

3.3.1. Priority-based Scheme
In this scheme, we can set the priority as we want, e.g. if we want to move the Rook first, or give priority to the horizontal or the vertical move of the Rook, then we can set the priority accordingly. We use only 16 priority sets, i.e. |P| = 16. The number of priority sets can be increased by adding rules for identical symbols. The priority sets which we use are shown in Figure 4.

Figure 4. Example of Priority Set

During the registration phase, the user has to select one of the priority sets. The primary advantage of this enhanced scheme is that it hides the click-rule. In the Basic scheme, the click-rule is open to the public, while in the Enhanced scheme, only the users themselves know their “Priority Set Rule”. Hence, it becomes extremely hard for attackers to break a user’s password using password analysis techniques. Further, the Priority-based scheme hides the length |K| of the user’s password.

In the Basic scheme, if the password is |K| in length, then the user has to click             times, which reveals the password length to attackers. However, users can protect their password length information well with the Priority set rule. In addition, it could be easier for users to remember a Priority set selected according to their own interest. This enhanced scheme can be used for high capability and high security because it decreases the success probability of all attacks.

IV. ANALYSIS AND DISCUSSION
In this scheme, a session password is used for login. Since the interface changes at every login, the session password is unique for each login. Hence, once the session is terminated, the session password is invalid. Hence this scheme is resistant to shoulder surfing, hidden cameras, random-click attacks, brute-force attacks, guessing, dictionary attacks, etc.

4.1. Complexity
The complexity of this scheme depends mainly on the original password, because all clicks for session passwords are related to the original password. Hence, the complexity for an original password of length |K| is |S|^{|K|}.

4.2. Shoulder Surfing Attack
A shoulder-surfing attack consists of a deliberate attempt to gain knowledge of protected information
through observation [29]. This kind of attack is also commonly known as a peeping attack [30]. This scheme is shoulder-surfing resistant because we use a grid and a session password, which change at every login. Hence, a hacker will not be able to obtain the original password.

4.3. Brute Force Attack
A brute-force attack involves systematically checking all possible combinations of symbols until the correct combination is found. But, due to the use of a changing interface and session password, it is not possible. Hence, a brute-force attack is not possible in this scheme.

4.4. Random Click Attack
In this scheme, we choose the common square and use it as the session password. However, attackers have the chance to click the right common square just by random clicking even though they do not really know the password. This kind of attack is called a “random-click attack.” Due to the uniqueness of the common square, the success of a random click is very low or negligible, i.e. the success probability of a random-click attack for the Basic scheme is given by,

    P(B) =         =             × |S|^{-|K|}

And the success probability of a random-click attack for the Enhanced scheme is given by,

    P(E) =         = |L| × |P|^{-1} × |S|^{-|K|}, where |L| ≥      .

Hence, in our Basic scheme, the maximum success probability of a random-click attack (i.e. when |S| = 100, |K| = 7) will be, Maximum P(B) = 4×           , which is very low or negligible.

Similarly, for the Enhanced scheme, the maximum success probability of a random-click attack (i.e. when |S| = 144, |K| = 7 and |P| = 16) will be, Maximum P(E) = 4.87×        |L|, which is also negligible. This success probability is the maximum because as we increase |K| or |N|, the success probability decreases. Hence, a random-click attack is not possible in this scheme.

4.5. Dictionary Attack
A dictionary attack tries only those possibilities which are most likely to succeed, and these are typically derived from a list of words. But this attack fails against our authentication scheme, because our scheme uses a session password. Hence, due to the change in grid and session password, manipulation of a “list of words” is not possible.

4.6. Guessing
Guessing is not possible for this scheme, because there are          possible combinations of the original password for the Basic scheme and |P|×        for the Enhanced scheme.

V. USER STUDY
I selected 30 students randomly, told them about the rules and showed them the diagrams. These students were divided into three subgroups: one who knew how to play chess, a second who knew only mathematics and a third who did not know anything about either (i.e. chess and math). The first subgroup had 3 students and they knew how to play chess. The second subgroup had 18 students and they knew math. And the third subgroup had 9 students. I divided the groups into these categories because chess is directly correlated with math. The memorability of these groups over two subsequent weeks is given in the table below.

TABLE 1
RESULT OF MEMORABILITY

Subgroup          Memorability after First Week    Memorability after Second Week
First subgroup    1                                1
Second subgroup   0.96                             0.94
Third subgroup    0.83                             0.78

Hence, I saw that the first subgroup could memorize easily because they only had to learn the pairing concept, which was also very easy. This scheme was also easy for the second subgroup because they already knew the horizontal, vertical and diagonal concepts; they only had to memorize the rule concept. The third subgroup has slightly lower memorability because they had to remember the rules, but since the scheme is based on direction, it is also easy for them.
I found that 90% of the students in these groups are interested in this authentication scheme, 80% want to use it for high-security purposes and only 10% are neither interested in the game nor want to use it for high-security purposes.

VI. CONCLUSION
I propose an authentication scheme which increases not only security but also memorability and usability. This scheme overcomes all the problems (i.e. those discussed in section 3). Hence this scheme contains only two rules, and no extra mapping is required for resistance to shoulder surfing or hidden
cameras. My user study is based on paper work. This user study was done mainly to show the memorability of this scheme. Finding the time requirement (i.e. maximum and minimum time of each phase) of this scheme is my future work.

REFERENCE
[1] http://en.citizendium.org/wiki/chess
[2] Polybius, The General History of Polybius Volume 3 – The Roman Military System, Public domain translation by N.S. Gill. http://ancienthistory.about.com/library/bl/bl_text_polybius6.htm
[3] Adams and M.A. Sasse. Users are not the enemy. Why users compromises computer security mechanism & how to take remedial measures. Communication of the ACM. 42:41-46, 1999.
[4] R. N. Shepard, "Recognition memory for words, sentences, and pictures," Journal of Verbal Learning and Verbal Behavior, vol. 6, pp. 156-163, 1967.
[5] G.E. Blonder. Graphical Passwords. United States Patent 559961, 1996.
[6] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "Authentication using graphical passwords: Basic results," in Human-Computer Interaction International (HCII 2005). Las Vegas, NV, 2005.
[7] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "Authentication using
[12] D. Weinshall and S. Kirkpatrick, "Passwords You’ll Never Forget, but Can’t Recall," in Proceedings of Conference on Human Factors in Computing Systems (CHI). Vienna, Austria: ACM, 2004, pp. 1399-1402.
[13] I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, "The Design and Analysis of Graphical Passwords," in Proceedings of the 8th USENIX Security Symposium, 1999.
[14] J. Thorpe and P. C. v. Oorschot, "Graphical Dictionaries and the Memorable Space of Graphical Passwords," in Proceedings of the 13th USENIX Security Symposium. San Diego, USA: USENIX, 2004.
[15] J. Thorpe and P. C. v. Oorschot, "Towards Secure Design Choices for Implementing Graphical Passwords," in Proceedings of the 20th Annual Computer Security Applications Conference. Tucson, Arizona, 2004.
[16] D. Nali and J. Thorpe, "Analyzing User Choice in Graphical Passwords," Technical Report, School of Information Technology and Engineering, University of Ottawa, Canada, May 27 2004.
[17] J. Goldberg, J. Hagman, and V. Sazawal, "Doodling Our Way to Better Authentication," presented at Proceedings of Human Factors in Computing Systems (CHI), Minneapolis, Minnesota, USA, 2002.
[18] W. Jansen, "Authenticating Users on Handheld Devices," in Proceedings of Canadian Information
     graphical passwords: Effects of tolerance and image             Technology Security Symposium, 2003.
     choice," in Symposium on Usable Privacy and              [19]   W. Jansen, "Authenticating Mobile Device User
     Security (SOUPS). Carnegie-Mellon University,                   through Image Selection," in Data Security, 2004.
     Pittsburgh, 2005.                                        [20]    F. Syukri, E. Okamoto and M. Mambo, “A User
 [8] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy,            Identification System Using Written with Mouse,” in
     and N. Memon, "PassPoints: Design and                           Australian Conference on Information Security and
     longitudinal evaluation of a graphical password                 Privacy (ACISP): Springer-Verlag Notes in
     system,"International Journal of Human Computer                 Computer Science (1438), 1998, pp. 403-441.
     Studies, to appear.                                      [21]   S. Man, D. Hong, and M. Mathews, "A shoulder
 [9] R. Dhamijaand A. Perrig. “De’ja’ Vu: A user study               surfing resistant graphical password scheme," in
     using images for Authentication”. In 9th USENIX                 Proceedings of International conference on security
     security symposium, 2000.                                       and management. Las Vegas, NV, 2003.
[10] Real User Corporation: Passfaces.                        [22]   D. Hong, S. Man, B. Hawes and M. Mathews. A
     www.passfaces.com                                               Password scheme strongly resistant to spyware. In
[11] Davis D., F. Monrose, and M.K. Reiter. “On User                 proceeding of international conference on security
     Choice in Graphical Password Schemes” 13th                      and management, Las Vegas, NV, 2002.
     USENIX Security Symposium, 2004.


[23] Haichang Gao, Zhongjie Ren, Xiuling Chang, Xiyong Liu, Uwe Aickelin, "A New Graphical Password Scheme Resistant to Shoulder-Surfing."
[24] Arash Habibi Lashkari and Samaneh Farmand, "A Survey on usability and Security features in graphical user authentication algorithms", in IJCSNS International Journal of Computer Science and Network Security, VOL.9 No.9, September 2009.
[25] H. Zhao and X. Li, "S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme," in 21st International Conference on Advanced Information Networking and Application Workshops (AINAW 07), Vol.2. Canada, 2007, pp. 467-472.
[26] M. Sreelatha, M. Shashi, M. Anirudh, MD. Sultan Ahmar and V. Manoj Kumar, "Authentication Schemes for session Passwords using Color and Images". International Journal of Network Security and its Application (IJNSA), Vol.3, No.3, May 2011.
[27] H. Tao and C. Adams, "Pass-Go: A proposal to improve the usability of graphical passwords", International Journal of Network Security, vol. 7, no. 2, pp. 273-292, 2008.
[28] Sreelatha Malempati and Shashi Mogalla, "An ancient Indian Board Game as Tool for Authentication scheme", International Journal of Network Security & Its Applications (IJNSA), Vol.3, No.4, July 2011.
[29] CMS Information Systems - Threat Identification Resource Version 1.0, Pages 2-3. Centers for Medicare & Medicaid Services, Baltimore, Maryland, May 7, 2002.
[30] Tetsuji Takada. fakePointer: An Authentication Scheme for Improving Security against Peeping Attacks using Video Cameras. In The Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, Pages 395-400. National Institute of Advanced Industrial Science and Technology, 2-41-6, Aomi, Koto-ku, Tokyo, 135-0064, JAPAN, 2008.
