3D password is some kind of an advanced security. It is much stronger than regular security such, Passwords, Finger Prints, voice, etc. It is combination of recall based scheme and recognition based scheme.
3D Password is multi-password & multi factor authentication scheme. 3D Password is also known as authentication. It is on the fact of Human memory. Though authentication is very strict procedure, with the developing new technologies it can be easily cracked and hacked to steal the user’s identity.3d password scheme is a new strategy recognition patterns, textual passwords, biometrics and graphical passwords. One of the important concepts of 3d password schema is 3d virtual environment which contains real time object scenarios. Also 3d password is more secure and hard to break.
It is very interesting way of authentication and more customizable. 3D password advantage of the providing high security to user. This paper focuses on describing scope of 3D password and future.
The 3D password is very user-friendly, and very interesting way of authentication process.Generally passwords are set on the bases of human memory. Usually simple passwords like pet names, places and phone numbers are set so as to quickly recall them. In the approaching times, need of the high security authentication systems is increasing exponentially. We require significantly effective and efficient systems to meet our needs of security and safety. As the technology has changed fast processors and tools are available on internet it is very easy. But there are various weaknesses in current authentication systems. In an Authentication system a 3D password is multifactor authentication scheme that combines RECOGNITION+RECALL+TOKENS+BIOMETRICS.
We are provided with many techniques were introduced such as textual passwords, biometric scanning, tokens or cards etc. Following authentication techniques available:
- Textual password: It is best example for knowledge base technique. For example pin password patterns etc.
- Graphical password: Any or face identification is example of recognition base technique
- Token based: means what you have. It is includes Credit cards, ATM cards, etc.
- Biometrics Base: Thumb or fingerprints, voice recognition face recognition example of biometrics base authentication technique.
Authentication can be divided into two categories as follows:
Recall based: Recall-based techniques require the user to repeat or reproduce a secret that the user created before.
Recognition based: Recognition based techniques require the user to identify and recognize the secret, or part of it, that the user selected before.
Authentication techniques are working on two types of :
Recall Base: Recall base is security of system is major issue. Textual password example is recall based Scheme. The user provides a secure system password to the system. Textual Password can Strong & secure a system at certain level. It is difficult to memorize. Knowledge based authentication is a part of this technique, E.g. Textual password, graphical password etc. this technique is commonly used all over the world where security needed.
Recognition Base: In Recognition base scheme user is required to identify and recognize his/her password which was created by him/her. Graphical password Problem is shoulder surfing attack. The part of recognition scheme is biometrics base authentication technique. Biometrics authentication includes fingerprint, palm prints, face recognition, voice recognition, DNA, Iris, etc. In biometrics technique record or replay attack as well as hill climbing attack is also possible. In Token base authentication there is possibility of fraud, loss, and theft.
Human Authentication Techniques
Textual based: Recall based practices require the user to reproduce a secret again that the user twisted before. Identification based methods order the user to classify and be aware of the secret or part of that the user carefully chosen before. One of the most common recall based schemes used in the mainframe world is textual passwords. Textual password disadvantage is the too inconsistent requirements in the selection of passwords that are easy to remember and at the same while are hard to guess.
Graphical based: Graphical passwords can be divided into two types as follows: 1) recognition based and 2) recall based.
Graphical password schemes is better than the textual passwords as its easier to remember a picture than text. Different graphical password schemes have been proposed. Smart cards can be lost or stolen and the user has to carry the token whenever access required. The graphical password strategies are time-consuming to be performed. The Example of recognition base technique is face identification or Graphical password. Also most of the graphical passwords can be easily observed or recorded while the legitimate user is performing thus, it is strategies are exposed to shoulder surfing attacks.
Token based: In banking authentication structures is token based system is required. However, many reports have shown that tokens are susceptible to loss, fraud or theft by using simple techniques. Any ATM cards, swipe card passport smart card are examples of token based authentication systems.
Biometric based: The part of recognition scheme is biometrics base authentication technique. Proposed Various have been Biometric schemes; fingerprint, palm prints, face recognition, voice recognition, DNA, Iris, all different biometric systems. Biometric authentication uses unique body measurements and physical attributes as an identification and access control is methods, including in Mobile devices, both iPhone and Android devices.
Working of 3D password
3D password key space is determined by the design of 3D virtual environment and type of object selected inside the 3d virtual environment. 3 Dimensional password system to provide the security to the email client system.
3D Virtual password: In an Authentication system A 3D password is multifactor authentication scheme that combines RECOGNITION+RECALL+TOKENS+BIOMETRICS.
The 3D password presents a virtual environment containing various virtual objects. The user walks through the environment and interacts with the objects. It is the combination and sequence of user interaction that occur in the 3D environment. The 3-D password can be thought of a multiple parameter based authentication scheme. The 3D password is therefore nothing else but the sequence of interactions with the virtual objects that is 1) pre created, 2) pre stored, 3) verified by the user. This kind of interaction in a 3D environment projected on a 2D environment is termed a pass action. This system is basically designed for higher levels of security yet easiness and convenience for the user. The 3D Password scheme uses a combination of RECOGNITION +RECALL+BIOMETRIC+TOKEN in a 3D virtual environment based authentication system. The 3-D password can be thought of a multiple parameter based authentication scheme. It may combine two or more pre-existing authentication schemes to form a single 3-D virtual space. The 3-D virtual space or environment should contain several 3D objects with which the user can have sequence of interactions. The type of interaction sequence stored as a password scheme depends on the user according to his need.
The 3D password is therefore nothing else but the sequence of interactions with the virtual objects that is 1) pre created, 2) pre stored, 3) verified by the user. This kind of interaction in a 3D environment projected on a 2D environment is termed a pass action.
This system is basically designed for higher levels of security yet easiness and convenience for the user It ignores interaction with the rest of the objects that might demand the information which the user might not want to provide to the system. For example, if a 3D object requests a scanning of a biometric based authentication system but the user doesn’t want to perform this scan for himself, the user is then free to not to interact with the system.3d virtual environment affects the usability, effective, and acceptability of a 3D password system.3d virtual environment reflects the administration needs and the security requirements..
To realize and understand how far an authentication scheme is secure, we have to consider all possible attack methods. As mentioned earlier 3D password is highest secure authentication. To realize and understand how far an authentication scheme is secure, we have to consider all available attack methods. In this section, we try to cover most possible attacks and whether the attack is valid or not.
Brute Force Attack
The attack is very difficult because
Time required to login: A brute force attack on a 3D password is very difficult and time engross.
Cost of Attack: A 3D Virtual environment may contain biometric object, the attacker has to forge all biometric data. The cost of forging such information is very high, therefore cracking the 3D password is more challenging.
The attacker tries to find the top probable distribution of 3D passwords. In order to launch such an attack, the attacker has to achieve knowledge of the most probable 3D password distributions.
Shoulder Surfing Attack
An attacker uses a camera to record the user’s 3D password or tries to watch the legitimate user while the 3D password is being performed. This attack is the most successful type of attack against 3D passwords and some other graphical passwords. However, the user’s 3D password may contain biometric data or textual passwords that cannot be seen from behind. Therefore, we assume that the 3D password should be performed in a secure place where a shoulder surfing attack cannot be performed.
In this attack is based on how much time required completing successful sign-in using 3D password scheme. Timing attacks can be very much effective while Authentication scheme is not well designed. But, as our 3D password scheme is designed extra securely, In this attacks are not easily available.
- 3D password is simple to use.
- It is provides security.
- 3D graphical password has no limit.
- 3D password is changed to easy.
- 3D Password is authentication technique used to multi-feature and multi-password.
- Password can remember easily.
- Implementation of the system is easy.
- 3D password requirement is large memory and time.
- Difficult for blind people to use this technology.
- It is very expensive.
- A lot of program coding requirement.
This is the future work of our research. The adding multi-dimensional password generation method to multi-level authentication technique our future work will be carried out. Also to build strong algorithm for gesture recognition is the future work of our research paper. To provide privacy services to the intended customer, it is a better option to use strong password generation and authentication technique. Future work is required in 3D password theme to develop this theme up to additional secure level. Implementing 3D password for mobile telephone is that another necessary future work of this paper and conjointly our project too.
There are many authentication techniques available such as Textual Passwords, Graphical Passwords, Biometric Identification, etc. The design of the 3D virtual environment the selection of objects inside the environment and the object’s type reflect the resulted password space. Many other schemes are also there like graphical password, biometric authentication scheme etc. which are used in different fields. The main goal of this paper is to have a scheme which has a huge password space and which is a combination of any existing, or upcoming, authentication schemes into one scheme.