Volume No. 1 Issue No.

3 International Journal on ISSN: 2456-5695

Fundamentals of Science and Engineering Research

A REVIEW ON SECURED AUTHENTICATION USING

3D PASSWORD
M. Padmaja [1] P.Manjula [2]
[1, 2]
Dept. of Computer Science, SPDC, Nellore, AP, India.
padmajaruthwika@gmail.com, manjulaspd@gmail.com

ABSTRACT
Users nowadays are provided with major password stereotypes such as textual passwords, biometric scanning, tokens
or cards (such as an ATM) etc .Mostly textual passwords follow an encryption algorithm as mentioned above.
Biometric scanning is your "natural" signature and Cards or Tokens prove your validity. But some people hate the
fact to carry around their cards, some refuse to undergo strong IR exposure to their retinas (Biometric scanning).
Mostly textual passwords, nowadays, are kept very simple say a word from the dictionary or their pet names,
girlfriends etc. Years back Klein performed such tests and he could crack 10-15 passwords per day. Now with the
technology change, fast processors and many tools on the Internet this has become a Child's Play.

Key words: Authentication, Multi-password, Quick Hull algorithm, Textual Passwords, 3-D Password, 3-D
Virtual Environment.

I. INTRODUCTION OF 3D PASSWORD
The authentication system which we are using is mainly very light or very strict. Since many years it has
become an interesting approach. With the development in means of technology, it has become very easy for
'others to hack someones password. Therefore many algorithms have come up each with an interesting
approach toward calculation of a secret key. The algorithms are such based to pick a random number in the
range of 10^6 and therefore the possibilities of the sane number coming is rare. We are provided with many
password types such as textual passwords, biometric scanning, tokens or cards (such as an ATM) etc. But
there are many weaknesses in current authentication systems. When a person uses textual passwords, he
likely chooses meaningful words from dictionary or their nick names, girlfriends etc which can be cracked
easily. And if a password is hard to guess then it is hard to remember also. Users face difficulty in
remembering a long and random appearing password and because of that they create small, simple, and
insecure passwords that are easy to attack. Graphical passwords can also be used. Their strength comes from
the fact that users can recall and recognize pictures more than words. Token based systems can also be used
as way of authentication in banking systems and for entrance in laboratories. But smart cards or tokens are
susceptible to loss or theft. Biometric scanning is your "natural" signature and Cards or Tokens prove your
validity.

Ideally there are two types of Authentication schemes are available according to nature of scheme &
techniques used, those types are

1) Recall based:
In this authentication tech. user need to recall or remember his/her password which is created before [1].
Knowledge based authentication is a part of this technique, E.g. Textual password, graphical password etc.
this technique is commonly used all over the world where security needed.

2) Recognition based:
In this user need to identify, recognize password created before. Recognition based authentication can be
used in graphical password. Generally this technique is not use much more as Recall based is used. Still
December 2016 Inside Journal (www.insidejournal.org) Page | 121
Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research

both recall based & recognition based authentication techniques having some drawbacks & limitations when
they are used separately or used single authentication scheme at a time. To overcome these drawbacks &
limitations of previously existing authentication schemes. We have introduced a new authentication scheme
which is based on previously existing schemes. This authentication scheme is based on combination of
passwords called as 3D Password. Which is a multifactor scheme uses combination of above discussed
scheme as well as biometric & many other schemes [1]. All these schemes are implemented in virtual 3D
environment while creating 3d Password. Where this environment contain various virtual objects through
which user interacts with. The interaction with 3D environment changes as per user changes. The 3-D
password is constructed by observing the actions and interactions of the user and by observing the
sequences of such actions [2] [3] [5].

Graphical Passwords
A graphical password is an authentication system that works by having the user select from images, in a
specific order, presented in a graphical user interface (GUI). For this reason, the graphical-
password approach is sometimes called graphical user authentication (GUA). Graphical passwords may
offer better security than text-based passwords because many people, in an attempt to memorize text-based
passwords, use plain words (rather than the recommended jumble of characters). A dictionary search can
often hit on a password and allow a hacker to gain entry into a system in seconds. But if a series of
selectable images is used on successive screen pages, and if there are many images on each page, a hacker
must try every possible combination at random. If there are 100 images on each of the 8 pages in an 8-
image password, there are 1008, or 10 quadrillion (10,000,000,000,000,000), possible combinations that
could form the graphical password! If the system has a built-in delay of only 0.1 second following the
selection of each image until the presentation of the next page, it would take (on average) millions of years
to break into the system by hitting it with random image sequences.
Biometrics
Biometrics is the measurement and statistical analysis of people's physical and behavioral characteristics.
The technology is mainly used for identification and access control, or for identifying individuals that are
under surveillance. The basic premise of biometric authentication is that everyone is unique and an
individual can be identified by his or her intrinsic physical or behavioral traits. Authentication
by biometric verification is becoming increasingly common in corporate and public security systems,
consumer electronics, and point-of-sale applications. In addition to security, the driving force behind
biometric verification has been convenience, as there are no passwords to remember or security tokens to
carry. Measuring someones gait doesnt even require a contact with the person.
Biometric devices, such as fingerprint readers, consist of:
A reader or scanning device.
Software that converts the scanned information into digital form and compares match points.
A database that stores the biometric data for comparison.

II.PROPOSED SYSTEM
Proposed authentication scheme is combination of many other authentication schemes together. 3D
password is combination of both recall-based (i.e. textual password, etc) & recognition based (i.e. graphical
password, biometrics, etc). So that 3D password is multifactor & multi password authentication scheme. For
authentication with 3D password a new virtual environment is introduced called as 3D virtual environment
where user navigate , moving in 3D virtual environment to create a password which is based on both the
schemes. We dont use biometric scheme because biometric having some major drawbacks (like h/w cost is
more) So that we have not included biometric authentication in our 3D password scheme. Because biometric
authentication is efficient over shoulder surfing attacks. But other attacks are venerable & easy on biometric

December 2016 Inside Journal (www.insidejournal.org) Page | 122

Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research

authentication. Also inclusion of biometric may leads to increasing the cost of scheme & more hardware
parts needed. .

OBJECTIVES OF PROPOSED SYSTEM

To provide more secure authentication technique than existing one.
To design & develop more user friendly & easier authentication scheme and giving user to freedom
of selecting more than one password scheme as single system.
To overcome the drawbacks & limitations of previously existing systems (textual password,
graphical password.etc).
New scheme should be combination of recall-, recognition -, biometrics-, and token based
authentication schemes.

II. 3D PASSWORD OVERVIEW

In 3D password user have to First Authenticate with simple textual password (i.e. user need to provide user
name & password) Once authentication successful then user moves in 3D virtual environment, Thereafter
a computer with keyboard will be seen on screen. On that screen user have to enter password
(textual).which is stored in a simple text file in the form of encrypted co-ordinates(x1, y1, z1). After
successfully completion of this authentication, Then user automatically enter into an art gallery, where
he/she has to select multiple point in that gallery or he can do some action in that environment like
switching button on/off or perform action associated with any object like opening door, etc[1]. The
sequence in which user has clicked (i.e. Selecting objects) that sequence of points are stored in text file in
the encrypted form. In this way the password is set for that particular user. For selection of points we have
used 3d Quick hull algorithm which is based on convex hull algorithm from design & analysis of
algorithms. Next time when user want to access his account then he has to select all the object which he
has selected at the time of creating password with proper sequence .This sequence is then compared with
coordinates which are stored in file. If authentication successful thereafter access is given to
authorized user. 3D password working algorithm is shown in fig.1.

Fig1. 3Dpassword working algorithm

December 2016 Inside Journal (www.insidejournal.org) Page | 123

Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research

1. A biometrical recognition device;

2. A paper or a white board that a user can write, sign, or Draw on;
3. An automated teller machine (ATM)that requests a token;
4. A light that can be switched on/off;
5. A television or radio where channels can be selected;
6. A staple that can be punched;
7. A car that can be driven;
8. A book that can be moved from one place to another;
9. Any graphical password scheme;
10. Any real-life object;
11. Any upcoming authentication scheme.

III.3-D VIRTUAL DESIGN ENVIORNMENT

This section tells about that how to create 3D password & what are different schemes used to form a
complete 3d password. 3D password is multi-factor & multi password authentication scheme. So that
many password schemes like textual password, graphical password, biometric, etc. password schemes can
be used as a part of 3D password. Choosing of different schemes are based on category of user who are
going to use this scheme to the system. Fig.2 shows state diagram of 3D password creation which will give
the flowchart for 3D password creation & authentication process

Fig 2: flowchart for 3D password creation & authentication process

IV.PROS AND CRONS

A. ADVANTAGES
1. Provides security.
2. This 3D password cant take by any other person.
3. 3D graphical password has no limit.
December 2016 Inside Journal (www.insidejournal.org) Page | 124
Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research

4. Password can change easily.

5. Implementation of the system is easy.
6. Password can remember easily.
7. This password helps to keep lot of personal details.

B.DISADVANTAGES
1. Difficult for blind people to use this technology.
2. Requires sophisticated computer technology.
3. Expensive.
4. A lot of program coding is required.

V.3-D PASSWORD APPLICATIONS

The 3D password can have a password space that is very large compared to other authentication schemes,
so the 3D passwords main application domains are protecting critical systems and resources. 1. Critical
server many large organizations have critical servers that are usually protected by a textual password. A 3D
password authentication proposes a sound replacement for a textual password. 2. Nuclear and military
facilities such facilities should be protected by the most Powerful authentication systems. The 3D password
has a very large probable password space, and since it can contain token, biometrics, recognition and
knowledge based Authentications in a single authentication system, it is a sound choice for high level
security locations. 3. Airplanes and jet fighters Because of the possible threat of misusing airplanes and jet
fighters for religion, political agendas, and usage of such airplanes should be protected by a powerful
authentication system. In addition, 3D passwords can be used in less critical systems because the 3D
virtual environment can be designed to fit to any system needs. A small virtual environment can be used in
the following systems like 1) ATM 2) Personal Digital Assistance 3) Desktop Computers & laptop logins
4) Web Authentication 5) Security Analysis

VI. CONCLUSION AND FUTURE WORK

Currently available schemes include textual password and graphical password .But both are vulnerable to
certain attacks. Moreover, there are many authentication schemes that are currently under study and they
may require additional time and effort to be applicable for commercial use [1]. The 3-D password is a
multifactor & multi password authentication scheme that combines these various authentication schemes.
The virtual environment can contain any existing authentication scheme or even any upcoming
authentication schemes. Due to which passwords space increases. It is the users choice and decision to
construct the desired and preferred 3-D password. The 3D password is still new & in its early stages [1].
Designing various kinds of 3-D virtual environments, deciding on password spaces, and interpreting user
feedback and experiences from such environments will result in enhancing.

REFERENCES

[1] Alsulaiman, F.A.; El Saddik, A., "Three- for Secure," IEEE Transactions on Instrumentation and
measurement, vol.57, no.9, pp 1929-1938.Sept. 2008.
[2] Vidya Mhaske et al, Int.J.Computer Technology & Applications, Vol 3 (2), ISSN: 2229-6093, 510-519.
[3] Tejal Kognule and Yugandhara Thumbre and Snehal Kognule, 3D password International Journal of
December 2016 Inside Journal (www.insidejournal.org) Page | 125
Volume No. 1 Issue No. 3 International Journal on ISSN: 2456-5695
Fundamentals of Science and Engineering Research

Computer Applications (IJCA), 2012.

[4] A.B.Gadicha , V.B.Gadicha , Virtual Realization using 3D Password in International Journal of
Electronics and Computer Science Engineering, ISSN 2277-1956/V1N2-216-222.
[5] Fawaz A. Alsulaiman and Abdulmotaleb El Saddik, A Novel 3D Graphical Password Schema IEEE
International Conference on Virtual Environments, Human-Computer Interfaces, and Measurement
Systems, July 2006.
[6] Duhan Pooja, Gupta Shilpi , Sangwan Sujata, & Gulati Vinita, SECURED AUTHENTICATION: 3D
PASSWORD I.J.E.M.S., VOL.3(2),242 245, 2012.
[7] Grover Aman, Narang Winnie, 4-D Password: Strengthening the Authentication Scene International
Journal of Scientific & Engineering Research, Volume 3, Issue 10, October-2012.

December 2016 Inside Journal (www.insidejournal.org) Page | 126