Browse > Article
http://dx.doi.org/10.13089/JKIISC.2009.19.5.175

Password Authentication Scheme based on Operation of Alpha-numeric Characters on Matrix  

Kang, Jeon-Il (INHA University)
Maeng, Young-Jae (INHA University)
Nyang, Dae-Hun (INHA University)
Lee, Kyung-Hee (University of Suwon)
Jeun, In-Kyung (Korea Internet & Security Agency)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.19, no.5, 2009 , pp. 175-188 More about this Journal
Abstract
Besides the passwords have low complexity, they can easily be revealed by the shoulder-surfing attack when they are inputted through the input devices such like keyboard. To overcome these problems, many new authentication schemes, which change the user secret different form or let users input their secrets through the more complex manners, have been suggested, but it is still hard to find the balanced point between usability and security. In this paper, we introduce a new authentication scheme that use the traditional alpha-numeric password as user secret based on operation of them on matrix. We show the security strength of our proposal through the analyses in the various aspects and confirm the difficulty that users feel from our proposal through the user study.
Keywords
Password Authentication; Alternative Password; Shoulder-surfing Resistance;
Citations & Related Records
연도 인용수 순위
  • Reference
1 H. Jameel, R.A. Shaikh, H. Lee, and S. Lee, 'Human Identification Through Image Evaluation Using Secret Predicates,' Proc. of The Cryptographer's Track at RSA Conference (CT-RSA), LNCS 4377, pp. 67-84, 2007
2 Z. Zheng, X. Liu, L. Yin, and Z. Liu, 'A Stroke-based Textual Password Authentication Scheme,' Proc. of 2009 First International Workshop on Education Technology and Computer Science, pp. 90-95, Mar. 2009   DOI
3 T. Matsumoto and H, Imai, 'Human Identification Through Insecure Channel,' Proc. of EUROCRYT 91, LNCS 547, pp. 402-421, 1991
4 H. Zhao and.X. Li, 'S3PAS: A Scalable Shoulder-Burfing, Resistant Textual-Graphical Password Authentication Scheme,' Proc. of 21st IEEE International Conference on Advanced Information Networking and Applications Workshop (AINAW), pp. 467-472, May 2007
5 I. Jermynn, A. Mayer, F. Monrose, M.K. Reiter, and A.D. Rubin, 'The Design and Analysis of Graphical Passwords,' Proc. of the Sth USE NIX Security Symposium, p. 1, Aug. 1999
6 D. Weinshall, 'Cognitive Authentication Schemes Safe Against Spyware (Short Paper),' Proc. of the 2006 IEEE Symposium on Security and Privacy (S&P), pp. 1-16, May 2006
7 R. Dhamija and A, Perrig, 'Deja Vu: A User Study Using Images for Authentication,' Proc. of 9th USENIX Security Symposium, p, 4, Aug, 2000
8 P. Golle and D. Wagner, 'Cryptanalysis of a Cognitive Authentication Scheme (Extended Abstract),' Proc. of the 2007 IEEE Symposium on Security and Privacy (S&P), pp. 66-70, May 2007
9 N. Hopper and M. Blum, 'Secure Human Identification Protocols,' Proc. of ASIACRYPT, LNCS 2248, pp. 52-66, 2001
10 S. Wiedenbeck, J. Waters, J.C. Birget, A. Brodskily, and N. Memon, 'PassPoints: Design and longitudinal evaluation of a graphical passwords system,' International Journal of Human-Computer Studies (Special Issue on HCI Research in Privacy and Security), vol. 63, pp. 102-127, May 2005   DOI   ScienceOn
11 X. Bai, W. Gu, S. Chellappan, X.: Wang, D. Xuan, and B. Ma, 'PAS: Predicatebased Authentication Services Against Powerful Passive Adversaries,' Proc. of 200S Annual Computer Security Appli-cations Conference (ACSAC), pp. 433-442, Dec. 2008   DOI
12 S, Wiedenbeck, J. Waters, L. Sobrado, and J.C. Birget, 'Design and Evaluation of a Shoulder-Surfing Resistant Graphical Password Scheme,' Proc. of Advanced Visual Interfaces (AVI), pp. 177-184, May 2006   DOI