Secure graphical password system for high traffic public areas
Bogdan Hoanca and Kenrick Mock
University of Alaska Anchorage
March 27, 2006 Hoanca/Mock ETRA 2006
Outline
Shoulder surfing as security threat in information systems
Eye tracking based authentication
  • Error rates of eye tracking hardware
  • Error-aware eye tracking
    • Systematic errors
    • Random errors
Conclusions
Shoulder surfing
Stealing authentication information
Critical threat for mobile users or in public places
Safest bet: assume “naked” user under constant surveillance
Defending against shoulder surfing
Screen filters
Challenge-response schemes
Physical key schemes
Biometric schemes
Eye tracking based authentication
Use the eye tracker without on-screen feedback to select on-screen objects
+ Ideally, transparent for the user
+ Secure from shoulder surfing
– Slower than typing
– Still vulnerable to key logger and screen capture programs
Graphical Password Entry via Eye Tracking
Sample authentication log
Image size 700x482
High error rates due to hardware limitations
“Low error” user: mean D = 12 pixels
“High error” user: mean D = 30 pixels
Plots of actual gaze location as compared with intended target (red); black is the center of gravity
Distances are in pixels and scale is -40…40 in both X and Y
Error rates of eye tracking hardware
Using the ERICA system from Eye Response Technologies
Error types
Systematic errors
• Due to head tilt
• Slowly varying with time
• Dependent on screen geometry and location
Random errors
• Highly user dependent
Handling random errors
Loss of cryptographic complexity depends on how much error is acceptable
Success rate (%, 0…100) vs. distance in pixels (1…1000, log scale)
Handling systematic errors
Average over multiple attempts or over multiple users
Loss of cryptographic complexity – equivalent to one click less
Red – raw data; green – corrected
Success rate (%, 0…100) vs. distance in pixels (1…1000, log scale)
One user, 25 sessions, “low error”
Handling systematic errors (continued)
Limited usefulness for high error users
Red – raw data; green – corrected
Success rate (%, 0…100) vs. distance in pixels (1…1000, log scale)
One user, 25 sessions, “high error”
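The two trade-offs on the preceding slides (acceptable random error vs. password space, and averaging attempts to cancel systematic error) as a worked example. This is added code, not from the Hoanca/Mock slides or the ERICA system. It takes the 700x482 image size and the 12 px / 30 px mean distances from the slides; everything else is an assumption: random gaze error is modelled as an isotropic Gaussian (so the distance to the target is Rayleigh distributed), distinguishable targets are counted on a grid of non-overlapping tolerance cells, and the head-tilt bias vector, session count and random seed are constructed for illustration.

```python
# Added worked example (not from the Hoanca/Mock slides): acceptable-error radius vs.
# password space, and averaging attempts to remove systematic (head-tilt) error.
import math
import random

IMAGE_W, IMAGE_H = 700, 482  # image size stated on the "Sample authentication log" slide


def password_bits_per_click(tolerance_px, width=IMAGE_W, height=IMAGE_H):
    """Count distinguishable click targets and the bits one click contributes.

    Assumption (not from the slides): targets sit on a grid of square cells of
    side 2*tolerance_px, so tolerance disks never overlap and any gaze inside
    a cell resolves to exactly one target.  Larger tolerance => fewer targets.
    """
    cols = width // (2 * tolerance_px)
    rows = height // (2 * tolerance_px)
    cells = max(cols * rows, 1)
    return cells, math.log2(cells)


def success_rate_random_error(mean_distance_px, tolerance_px):
    """Probability that a single gaze lands within tolerance_px of the target.

    Assumption: random gaze error is an isotropic Gaussian with per-axis sigma,
    so the distance D to the target is Rayleigh distributed with mean
    sigma*sqrt(pi/2) and P(D <= r) = 1 - exp(-r^2 / (2 sigma^2)).
    mean_distance_px is the "mean D" figure from the slides (12 px or 30 px).
    """
    sigma = mean_distance_px / math.sqrt(math.pi / 2)
    return 1.0 - math.exp(-(tolerance_px ** 2) / (2.0 * sigma ** 2))


def synthesize_gazes(n, bias, sigma, rng):
    """Constructed gaze samples: intended target at the origin, plus a constant
    systematic offset (bias, e.g. head tilt) and random per-sample error."""
    return [(bias[0] + rng.gauss(0.0, sigma), bias[1] + rng.gauss(0.0, sigma))
            for _ in range(n)]


def center_of_gravity(points):
    """Mean gaze position over all attempts (the black marker on the slide plots)."""
    n = len(points)
    return (sum(x for x, _ in points) / n, sum(y for _, y in points) / n)


def correct_systematic_error(points, offset):
    """Subtract the estimated systematic offset from every gaze sample."""
    return [(x - offset[0], y - offset[1]) for x, y in points]


def empirical_success_rate(points, tolerance_px):
    """Fraction of gaze samples that fall within tolerance_px of the target."""
    hits = sum(1 for x, y in points if math.hypot(x, y) <= tolerance_px)
    return hits / len(points)


def compare_users(tolerance_px=20, sessions=25, seed=2006):
    """Raw vs. offset-corrected success rate for a "low error" (mean D = 12 px)
    and a "high error" (mean D = 30 px) user.  The offset is estimated as the
    center of gravity of the sessions, i.e. averaged over multiple attempts.
    The bias vector and the seed are constructed for this example."""
    rng = random.Random(seed)
    bias = (15.0, -10.0)
    results = {}
    for label, mean_d in (("low error", 12), ("high error", 30)):
        sigma = mean_d / math.sqrt(math.pi / 2)
        raw = synthesize_gazes(sessions, bias, sigma, rng)
        corrected = correct_systematic_error(raw, center_of_gravity(raw))
        results[label] = (empirical_success_rate(raw, tolerance_px),
                          empirical_success_rate(corrected, tolerance_px))
    return results


if __name__ == "__main__":
    for r in (12, 20, 30):
        cells, bits = password_bits_per_click(r)
        print(f"tolerance {r:2d} px: {cells:4d} targets, {bits:.2f} bits/click, "
              f"low-error hit rate {success_rate_random_error(12, r):.2f}, "
              f"high-error hit rate {success_rate_random_error(30, r):.2f}")
    for user, (raw, fixed) in compare_users().items():
        print(f"{user}: raw {raw:.2f} -> corrected {fixed:.2f}")
```

Under the Rayleigh assumption the hit rate at a tolerance equal to the user's mean D is 1 - exp(-pi/4), about 54%, for both users; widening the tolerance raises the hit rate but shrinks the number of distinguishable targets per click, which is the complexity loss the slides refer to. Subtracting the center of gravity removes a constant bias almost entirely for the low-error user, while for the high-error user the residual random scatter dominates and the correction buys much less, matching the "limited usefulness for high error users" observation.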
Summary
Eye tracking is a promising technology for authenticating from public places with reduced danger of shoulder surfing
Wide acceptance will require eye tracking technologies that are
• More stable and accurate
  • Ideally, head tracking-capable and calibration-free
• Much lower in price