graphical passwords
TRANSCRIPT
Graphical Passwords
Graphical Passwords
(1) Why graphical passwords? Pictures are easy to remember or recognized than text..
(2) Are graphical passwords as secure as text passwords?
(3) What are the major design and implementation issues for graphical passwords?
Random Image
Based on hash visualization techniques.
Passfaces
Passlogix
Pass Point
Based on JPEG 2000
Random Image
Random Image
Based on hash visualization techniques.
Draw-A-Secret (DAS)
Drawing Grid
Graphical Passwords Design
Recognition Based Techniques
Recall Based Techniques (1) Produce a drawing (2) Repeat a sequence of actions
Attack on Graphical Passwords
(1) Brute force search (2) Dictionary attacks(3) Guessing * different person has different choice. * human have some common selections.(4) Spy ware(5) Shoulder surfing(6) Social engineering
Research on Graphical Passwords
(1) Design a new graphical password scheme * can return a random length text password
(2) Use graphical password in public key cryptosystem. * User generate a big number from graphical password. * Convert the big number into a signing private key. * Get a certificate from CA with the generated key. * Embed graphical password into application such as webmail. * User log on webmail, generate his signing key without key file or smart card. * User sign his mail use javascript in the browser without his key exposed.
owHtWU1sJNld3yTAIYhDIiEhwaFc9tJtbVW1WBuPLLunep0ea7S0UD1o+TFTbldVetQededFZHu1hRkx50hcIJccc0E5RdyCFI4oHDkhhISQkLiCEMcc896r71fvs7o8O7H89+501fv+1f/7//7mt772wVe/8bMf/2Twix/+9O1X/v6Dr/zaP377q9/+9rNv/uApePD09S/7APdPjxAfAj1CfAj0CPEh0CPEh0CPEB8CPUJ8CPQI8SHQI8SHQI8Q