文章基本信息

标题：Secure Graphical Passwords Using Live Physical Tokens
本地全文：下载
作者：Renuka Prasad S B
期刊名称：International Journal of Innovative Research in Science, Engineering and Technology
印刷版ISSN：2347-6710
电子版ISSN：2319-8753
出版年度：2017
卷号：6
期号：8
页码：16124
DOI：10.15680/IJIRSET.2017.0608071
出版社：S&S Publications
摘要：SGPULPT is a new graphical password scheme forpublic terminals that replaces the static digital imagestypically used in graphical password systems with personalized physical to-kens, here in the form of digital picturesdisplayed on a physical user-owned device such as a mobile phone. Users present these images to a system camera andthen enter their password as a sequence of selections on live video of the token. Highly distinctive optical features areextracted from these selections and used as the password. We present three feasibility studies of SGPULPT exam-iningits reliability, usability, and security against observation. The reliability study shows that image-feature basedpasswords are vi-able and suggests appropriate system thresholds—password items should contain a minimum of sevenfeatures, 40% of which must geometrically match originals stored on an authentication server in order to be judgedequivalent. The usability study measures task completion times and error rates, revealing these to be 7.5 s and 9%,broadly comparable with prior graphical password systems that use static digital images. Finally, the security studyhighlights SGPULPT’s resistance to observation attack—three attackers are unable to compromise a password using shoulder surfing,camera-based observation, or malware. These results indicate that SGPULPT shows promise for security whilemaintaining the usability of current graphical password schemes.
关键词：Graphical password; input; live video; observation; user study.