Title: Analysis and Development of Usable Secure Password-based Authentication Techniques
Authors: Maheshwari, A.
Keywords: Computer Science & Engineering
Issue Date: 2016
Series/Report no.: DI-121
Abstract: The use of computers, mobile devices, and financially critical applications such as ATMs and point-of-sale (POS) terminals in public spaces has increased rapidly. All these applications use the classical authentication mechanism (entering the password or PIN directly), which is susceptible to shoulder surfing attacks, so an attacker may obtain the secret credentials of a legitimate user very easily. Various shoulder-surfing-resilient schemes exist, but they are not used in public spaces because some require multiple rounds to enter a single word or digit, some depend on external hardware, and some require complex computation to be done mentally in order to enter the credentials. Another possible security threat is password leakage when the password file is compromised. In this thesis, we propose a new PIN entry mechanism known as SPOSS, which provides resilience not only against human-based shoulder surfing but also against recording attacks, where the attacker may use a recording device such as a camera to record the whole login session for future reference. SPOSS also provides security against password file compromise attacks. Additionally, user authentication can be ensured in a single round, without any complex computation and without any dependency on external hardware. Experimental analysis shows that the proposed scheme achieves a good balance between usability and security parameters.
