INTRODUCTION

 The 3-D password is a multifactor authentication scheme.

 It can combine all existing authentication schemes into a single 3-D virtual
environment.
 This 3-D virtual environment contains several objects or items with which the user
can interact.
 The type of interaction varies from one item to another.
 The 3-D password is constructed by observing the actions and interactions of the
user and by observing the sequences of such actions.

Visit www.seminarlinks.blogspot.com to download

 Human Authentication Techniques - Classification
Textual Password
Knowledge Based
What you KNOW
EXISTING SYSTEM Graphical Password

ATM cards

Token Based-What Keys

Human Authentication you HAVE
techniques
ID Cards

Fingerprints, Palmprints

Hand geometry
Biometrics - What you
ARE
Face, Iris, Voice, Retina
recognition
 3D PASSWORD

•A 3D password is a multifactor
authentication scheme that
combine

RECOGNITION
+RECALL
+TOKENS
+BIOMETRICS

in one authentication system.

 BRIEF DESCRIPTION OF SYSTEM

 The 3D password presents a virtual environment containing various

virtual objects.

 The user walks through the environment and interacts with the objects.

 It is the combination and sequence of user interactions that occur in the

3D environment.
 BRIEF DESCRIPTION OF SYSTEM
 The user is presented with this 3d virtual environment where the user navigates and
interacts with various objects.

 The sequence of actions and interactions towards the objects inside the 3d
environment constructs the user’s 3d password.
 SYSTEM IMPLEMENTATION

 For example, the user can enter the virtual environment and type something on a
computer that exists in (x1 , y1 , z1 ) position
 then enter a room that has a fingerprint recognition device that exists in a position
(x2 , y2 , z2 ) and provide his/her fingerprint.
 Then, the user can go to the virtual garage, open the car door, and turn on the radio
to a specific channel.
 The combination and the sequence of the previous actions toward the specific
objects construct the user’s 3D password.
 VIRTUAL OBJECTS

Virtual objects can be any object we encounter in real life:

 A computer on which the user can type in
 A fingerprint reader that requires users fingerprint
 A paper or white board on which user can type
 An Automated teller(ATM) machine that requires a token
 A light that can be switched on/off
 A television or radio
 A car that can be driven
 A graphical password scheme
 3D VIRTUAL ENVIRONMENT
•3-D virtual environment affects the usability, effectiveness, and
acceptability of a 3-D password system.

• 3-D environment reflects the administration needs and the security

requirements.

3D Virtual Environment
 DESIGN GUIDELINES
The design of 3D virtual environments should follow these guidelines:
ADVANTAGES

 Provides security.
 3D password can’t take by any other person.
 3D graphical password has no limit.
 Password can change easily.
 Implementation of the system is easy.
 Password can remember easily.
 Password helps to keep lot of personal
details.
 APPLICATIONS
The 3D password’s main application domains are protecting critical systems and resources.
 Critical Servers
 Nuclear Reactors & military Facilities
 Airplanes and missile Guiding
 In addition, 3D passwords can be used in less critical systems
 A small virtual environment can be used in the following systems like
 ATM
 Personal Digital Assistance
 Desktop computers & laptops
 Web authentication etc.
State Diagram
 ATTACKS AND COUNTERMEASURES
 To realize and understand how far an authentication scheme is secure, all possible
attack methods should be considered.

 Thorough study has to be done , whether the authentication scheme proposed is

immune against such attacks or not.

 Moreover, if the proposed authentication scheme is not immune, the countermeasures

have to be found that prevent such attacks.

Visit www.seminarlinks.blogspot.com to download

 ATTACKS AND COUNTERMEASURES
 Brute Force Attack: The attacker has to try all possible 3-D passwords. This kind of attack is very
difficult for the following reasons:
 Time required to login
 Cost of attacks

 Well-Studied Attack: The attacker tries to find the highest probable distribution of 3-D passwords.
However, to launch such an attack, the attacker has to acquire knowledge of the most probable 3-D
password distributions.
 Shoulder Surfing Attack: An attacker uses a camera to record the user’s 3-D password or tries to
watch the legitimate user while the 3-D password is being performed. This attack is the most
successful type of attack against 3-D passwords and some other graphical passwords.
 Timing Attack: In this attack, the attacker observes how long it takes the legitimate user to perform
a correct sign-in using the 3-D password. This observation gives the attacker an indication of the
legitimate user’s 3-D password length.
VIDEO DEMO
 CONCLUSION

• The authentication can be improved with 3d password ,because the unauthorized person may not
interact with same object at a particular location as the legitimate user.

• It is difficult to crack ,because it has no fixed number of steps and a particular procedure.

• Added with biometrics and token verification this schema becomes almost unbreakable.

 The 3-D password is still in its early stages. Designing various kinds of 3-D virtual environments,
deciding on password spaces, and interpreting user feedback and experiences from such environments
will result in enhancing and improving the user experience of the 3-D password