3-D

PASSWORD
A MORE
AUTHENTICATION
SECURE

PRESENTED BY :
MANISHA SAINI
1. Password
CONTENTS
2. Passphrase
3. Authentication
4. Drawbacks of Human Authentication Techniques
5. 3D password
6. Virtual Environment
7. Virtual Objects
8. System Implementation
9. Mathematical Concept Related to 3D password
10. Example
11. State Diagram
12. Working of 3D password
13. Programming languages
14. Attacks and Counter Measures
15. Advantages
16. Disadvantages
17. Applications
18. References
 PASSWORD
A password is a word or string of
characters used for the
authentication to prove identity.
Password is basically an encryption
algorithms.
It is 8-15 character or slightly more
than that.
Passwords are the first line of
defense against cyber criminals.
 PASSPHR
ASE
It is the advanced version of
password.
It is a combination of words or simply
collection of password in a proper
sequence.
Length of passphrase is from 30-50
words or more than that also.
More secure than an ordinary
password.
 AUTHENTICA
AuthenticationTION
is a process of
validating who are you to whom you
are claimed to be.

Human authentication techniques

are :
1. Knowledge based (What you know)
2. Token based (What you have)
3. Biometrics (What you are)
1. KNOWLEDGE BASED
(a) Pin
(b) Password
(c) Patterns

2. TOKEN BASED
(a) Keys
(b) Passport
(c) Smart card
(d) ID proofs

3. BIOMETRICS
(a) Face
recognition
(b) Fingerprints
(c) Iris
(d) DNA
(e) Voice
DRAWBACKS OF HUMAN AUTHENTICATION
TECHNIQUES
1. KNOWLEDGE BASED
(a) Easy to remember -> Easy to break
Hard to guess -> Hard to remember
(b) Vulnerable to attacks like dictionary attacks, brute force
attacks etc.
2. TOKEN
(a) Duplicate keys, smart cards, ID proofs are
BASED
easily available.
3. BIOMETRICS
(a) Instructiveness to privacy.
(b)Resistance to exposure of retinas to IR
rays.
(c) Hackers implement exact copy of your
biometrics.
 3-D
PASSWORD
The 3D password is a multifactor authentication
scheme that combine KNOWLEDGE BASED +
TOKEN BASED + BIOMETRICS in one
authentication system.
It presents a virtual environment containing
various virtual objects.
It is simply the combination and sequence of
user interactions that occur in the 3D
environment.
The user walks through the environment and
interacts with the objects.
More customizable and very interesting way of
authentication.
 VIRTUAL
ENVIRONMENT
A virtual environment is a computer-based
simulated environment.
The 3D virtual environment consists of many
items and objects.
It is created inside a 2D screen and is a real time
scenario .
Each item has different responses to action.
The user actions, interactions and inputs towards
the objects or toward the 3D virtual environment
creates the users 3D password.
Communication between users can range from
text, graphical icons, visual gesture, sound, and
rarely, forms using touch, voice command, and
balance senses.
 3D virtual environment affects the
usability, effectiveness and
acceptability of a 3D password
system.
3D environment reflects the
administration needs and security
requirements.
IMAGES OF VIRTUAL
ENVIRONMENT
 VIRTUAL OBJECTS
Virtual objects can be any objects we encounter in
real life such as:
A computer on which user can type.
An ATM machine that requires a token (ATM card).
A fingerprint reader that requires user fingerprints.
A paper or white board on which user can write.
A light that can be switched on/off.
A television.
A radio.
A car that can be driven.
A graphical password scheme.
 SYSTEM
IMPLEMENTATION
The action towards an object that
exists in location (x1,y1,z1) is different
from action towards an another object at
(x2,y2,z2).
To perform the legitimate 3D password
the user must follow the same scenario
performed by the legitimate user.
This means interacting with the same
objects that reside at exact location and
perform the exact actions in the proper
sequence.
EMATICAL CONCEPT RELATED TO 3D PASSW

1. Time Complexity :
Let us assume that A is the virtual 3D environment
plotting and B is algorithmic processing. Then,
Time complexity = Am + Bn
where m is time required to communicate with system,
and n is time required to process each algorithm in 3D
environment.
2. Space Complexity:
System include 3D virtual environment, so that each point
in this environment will having 3 co-ordinate values.
Any point from 3D virtual environment is represented in
the form of (X, Y, Z). X, Y & Z are the coordinate values
stored for particular point.
Space complexity = n3
3. Class Of Problem:
Three types of classes provided are:
(a) P class: A decision problem is in P if there is a known
polynomial-time algorithm to get that answer.
(b) NP-hard class: Decision problem is in NP if there is a
known polynomial-time algorithm for a non-deterministic
machine to get the answer.
(c) NP complete class: NP-complete if you can prove
that (1) its in NP, and (2) show that its poly-time
reducible to a problem already known to be NP-complete.
 EXAMP
LE
Let us consider a 3D virtual
environment space of size G x G x G.
The 3D environment space is
represented by the coordinates (x,y,z)
[1,,G] x [1,,G] x [1,,G].
The objects are distributed in the 3D
virtual environment with unique (x,y,z)
coordinates. We assume that the user
can navigate into the 3D virtual
environment and interact with the
objects using any input device such as
 Let us consider a user who navigates through
the 3D virtual environment that consists of an
office and a meeting room. Let us assume that
the user is in the virtual office and the user
turns around the door located in (1,2,3) and
opens it. Then, the user closes the door. The
user then finds a computer to the left, which
exists in the position (4,5,6), and the user types
ABC. The initial representation of user actions
in the 3D virtual environment can be recorded
as follows:
(1,2,3) action = open the office door
(1,2,3) action = close the office door
(4,5,6) action = typing A
(4,5,6) action = typing B
 STATE DIAGRAM
Typing a letter or a Clicks
number
Typical Click on Performing
Textual a Graphical
Password graphica Password
Specific l
key passwor
Specific key pressed
passwor d item
d
Biometric
Enter User Moving Inside item is Performing
Name Virtual 3D checked
Biometrics
Environment

Login
password
Access not Move object,
granted Verifying Turn ON/OFF
Access
Changing
grante
Item Status
d
RKING OF 3D PASSWORD SCHE
 PROGRAMMING

C++
LANGUAGES
Java and Java3D
.NET languages such as C# or Visual Basics
Parrot virtual machine
OpenGL library :
(i) uses both graphics and CAD programs.
(ii) supported on Windows, Macintosh, UNIX
workstations, PCs, X-Box, Linux, etc.
GLUT :
(i) library for using C++ and OpenGL
Direct 3D :
(i) supported only on Microsoft windows
platforms and X-box.
 ATTACKS AND COUNTER
1. MEASURES
Brute Force Attack: A brute force attack is a trial-and-
error method used to obtain information such as a user
password or personal identification number (PIN). The
attack is difficult because:
(i) Required time to login: Time required to login may
vary from 20 seconds to 2 minutes. So, is time
consuming.
(ii) Cost of attack: Cost of creating 3D virtual
environment is very high.
2. Well Studied Attack:
(i) Attacker has to study whole password scheme.
(ii) Attacker has to try combination of different attacks
on scheme.
(iii) As 3D password scheme is multi-factor & multi-
password authentication scheme, attacker fail to studied
whole scheme. This attacks also not much effective
against 3D password scheme.
3. Shoulder Suffering Attack:
(i) An attacker uses a camera to record
the password.
(ii) 3D password contains biometric
identifications, so are difficult to break.

4. Timing Attack:
(i) The attacker observes how long it
takes a legitimate user to perform a
correct sign-in using 3D password.
(ii) Helps in determining length of
password.
(iii) Effective if the 3D virtual
environment is designed correctly.
5. Key logger:
(i) Attacker install as software called
key logger on system where
authentication scheme is used.
(ii) Software stores text entered
through keyboard and those text are
stored in text file.
(iii) More effective and useful for only
textual password. Fails in case of 3D
password because it includes
biometrics which are hard to crack.
 ADVANTAGES OF 3D
1. PASSWORD
Provides high security.
2. Flexible, as it provides multifactor authentication
,i.e., token based, knowledge based, biometrics.
3. Provides infinite number of password
possibilities.
4. Can be memorized in form of short stories.
5. Implementation of system is easy.
6. Ease to change password anytime.
7. Helps to keep lot of personal details.
8. Due to the use of multiple schemes in one
scheme password space is increased to great
extent.
DISADVANTAGES OF 3D
1. Difficult PASSWORD
for blind people to use this
technology.
2. A lot of program coding is required.
3. Very expensive.
4. Time and memory requirement is
large.
 APPLICATIONS OF 3D
PASSWORD
1. Critical servers.
2. Nuclear reactors and military facilities.
3. Airplanes, jet fighters and missile guiding.
4. Networking.
5. A small virtual environment can be used in
following areas:
(i) ATM.
(ii) Desktop computers and laptop logins.
(iii) Web authentication.
(iv) Security analysis.
 CONCLUSIO
N
The authentication can be improved
with 3D password, because the
unauthorized person may not
interact with same object at a
particular location as the legitimate
user.
It is difficult to crack because it has
no fixed number of steps and a
particular procedure.
Added with biometrics and token
 REFEREN
CES
www.ifet.ac.in
3Dvas.com
www.ijesit.com
www.sri.com
https://www.youtube.com/watch?
v=Tw1mXjMshJE
THANK
YOU
QUERI
ES