Enhanced Graphical Password by using Dynamic Block-style Scheme

Woo Chaw Seng1, Yong Kok Khuen2 and Ng Liang Shing2 1Department of Artificial Intelligence, Faculty of Computer Science & Information Technology, University

of Malaya, Kuala Lumpur, Malaysia 2Department of Artificial Intelligence, Faculty of Computer Science & Information Technology, University

of Malaya, Kuala Lumpur, Malaysia 1cswoo@um.edu.my, 2kokkhuen.yong@gmail.com

Abstract. Alphanumerical authentication systems nowadays always encounter the balancing problem between security and usability. A weak password is easy be to remembered but it is also easy to be guessed while a strong password is harder to be guessed but it is also harder to be remembered. Thus, many automated attacks are designed to break the alphanumerical password. Graphical password system can overcome this problem by creating secure and memorable passwords. The basic idea of graphical password is that human can remember pictures better than an alphanumeric string. A new graphical password scheme using dynamic block-style is proposed in this project. The primary objective of this project is to develop a graphical authentication system that is usable and secure. In addition, we applied fuzzy logic methods to enhance the usability by allowing certain degree of tolerance during authentication. Different types of pass-images were also tested. From the implementation, the proposed scheme is able to provide larger password space and reduces registration and authentication time. Nature scene images that have the most key points are most suitable to be used in this scheme.

Keywords: graphical password; authentication; dynamic block-style; fuzzy logic

1. Introduction The most common computer authentication method is to use alphanumerical usernames and passwords.

This method has been shown to have significant drawbacks. For example, users tend to pick passwords that are short and can be easily guessed. On the other hand, if a password is too long or hard to guess, then it is often hard to remember [1].

Graphical password schemes have been proposed as a possible alternative to text based schemes, motivated partially by the fact that humans can remember pictures better than text. Beside that, if the number of possible pictures is sufficiently large, the possible password space of a graphical password scheme may exceed that of text based schemes and thus presumably offer better resistance to brute force search and dictionary attacks [2]. In addition, graphical password also has better resistant toward spyware and social engineering when compared with text based password. Because of these advantages, there is a growing interest in graphical password as alternative authentication method [3].

However, most of the current graphical password schemes do not have a balance between usability and security aspects. For example, if the system is too simple then the system may not be secure enough. If the algorithm is too complex then the system may not be user friendly, e.g.: difficult to learn and takes too long to log in.

2. Related Work

2011 International Conference on Information and Intelligent Computing IPCSIT vol.18 (2011) © (2011) IACSIT Press, Singapore

139

There are three major categories of graphical password scheme: recall-based, recognition-based and cued-recall [4].

In a recall based graphical password scheme, the users need to recall and reproduce a secret drawing. In 1999, Jermyn et al, in [5], proposed DAS (draw-a-secret) led graphical passwords to a grid background. Using a grid as background has several advantages: first, it eliminates the need to store a graphical database on the server side and removes the overhead to transfer images through network. Second, as a grid is a simple object, this schemes minimize the quality requirement for displays. Different from most schemes, DAS do not impose a limit on the length of a password; a user can draw a password as long as he desired. Theoretically, the full password space of a grid-based scheme is infinite. However, this can lead to the difficulties in remembering the drawing, if the drawing created is complex enough [6].

In a recognition-based graphical password scheme, the users memorize a portfolio of images during password creation, and then recognize their images from among decoys to log in. PassfacesTM, a commercial product by Passfaces Corporation, requires a user to select previously seen human face pictures as a password [7]. One problem with PassfacesTM is that some faces displayed might not be welcomed by certain users. In other words, if a user has to look at some faces he/she does not like or even dislike, the login process will become unpleasant [8]. Another drawback of PassfacesTM is that it cannot be used by people who are face-blind (a disease which affects a person’s ability to tell faces apart).

In a cued-recall graphical password scheme, the users remember and target specific locations within an image. In 2005, Wiedenbeck et al, in [1], proposed PassPoint which allowed a user to click on any point inside an image. As long as the user clicks within a predetermined tolerance distance of the originally chosen point, the clicking will be encoded as same as that for the original one. This allows the password to be stored as the result of a hash function. However, the information about the safe grid (one out of three grids referred for each click) cannot be hashed; and this might leak information once it is obtained by an attacker [9].

To overcome these limitations, a dynamic block-style scheme is proposed.

3. Graphical Authentication System Alphanumeric passwords have been used in most authentication systems. However, the security and

usability problems associated with traditional alphanumerical password authentication system cannot be ignored. The password should be easy to remember yet hard to guess. Graphical password was introduced to overcome these problems.

Graphical passwords are less vulnerable against dictionary attacks and spywares compared to alphanumerical passwords. To defend against brute force attack, a graphical password needs to have a larger password space than alphanumerical password [2].

4. Proposed Dynamic Block-style Scheme

4.1. Dynamic Block-style Scheme In the dynamic block-style scheme, an image is selected as the pass-image and it is divided into 10×10

grids to let the user choose at least 5 and not more than 9 grids (The Magical Number Seven, Plus or Minus Two) as password. During authentication, the grids of pass-image will be divided into four m×n rectangle randomly, where 1≤ m ≤ 9 and 1≤ n ≤ 9, and the location will then be rearranged. An example is shown in Figure 1:

140

Figure 1. Example of Random Size Rectangles and the Location after it is Rearranged

By dividing the image into 10×10 grids, it will make the password space of this system to exceed the password space of traditional alphanumeric password scheme, that is only [94]^n where n = length of password, which is not secure enough because technically it can be easily cracked by a nonstop brute force search.

So, in order to increase the security, the dynamic randomize method is used. Each time during the authentication phase, the location or the look of the image will be changed, and thus it will be very hard to be cracked by only an automated program.

During authentication phase, the user is given 3 attempts to enter the correct password. If all 3 attempts are failed, an acceptance test by fuzzy logic will be applied to determine whether the user can log in or otherwise. Figure 2 shows the rules of the fuzzy inference:

Figure 2. Rules of the Fuzzy Inferences

The acceptance test has 2 inputs – password length and click accuracy, and an output which is the result of the acceptance test. Figure 3 depicts the membership functions of the password length:

length

1

0

short medium long

5 6 7 8 9

Figure 3. Membership Function for the Password Length

Each attempt only allow maximum of two inaccurate clicks, and the minimum value follow the mapping in Figure 4 is selected as the input for acceptance test. “1” indicates the actual password click, the value decrease as the distance increase.

141

0.1 0.1 0.1 0.1 0.1 0.1 0.1

0.1 0.4 0.4 0.4 0.4 0.4 0.1

0.1 0.4 0.7 0.7 0.7 0.4 0.1

0.1 0.4 0.7 1 0.7 0.4 0.1

0.1 0.4 0.7 0.7 0.7 0.4 0.1

0.1 0.4 0.4 0.4 0.4 0.4 0.1

0.1 0.1 0.1 0.1 0.1 0.1 0.1

Figure 4. Membership Function (Mapping) for Click Accuracy Distance

Sugeno fuzzy inference is used in this acceptance test. Sugeno fuzzy inference suggests using a single spike, a singleton, as the membership function of the rule consequent. A singleton (fuzzy singleton) is a fuzzy set with a membership function that is unity at a single particular point on the universe of discourse and zero everywhere else. Figure 5 shows the singleton function for the result of the acceptance test:

1

00.1 0.4 0.7

fail accepted pass

Figure 5. Singleton Membership Function for the Test Result

When the results of the acceptance test are accepted or pass, the login process will be successful. On the other hand, when the result is fail, the login process will also be failed.

Finally, defuzzification is done using Equation (1) below:

(1)

where WA is the weighted average, μ is maximum value of click accuracy and length of password, k is singleton constant, and n is number of attempts (i.e. 1, 2, and 3).

4.2. Registration Module To begin the registration, the user is required to enter a username between 4 to 8 characters. The system

then checks the availability of the username to make sure there is no duplication of username. If the username has been used, the user will be notified and prompted to select another username. Otherwise, if the username is valid, then an image selection screen will be prompted to the user to select an image as the pass-image and enter password selection screen.

In password selection stage, the system divides the selected pass-image into 10×10 grids. The user chooses at least 5 and no more than 9 grids as the password. After that, the user is required to repeat the process to confirm the password. If the passwords match, the registration is completed. Otherwise, if the

142

passwords do not match, the user is required to repeat the steps. Figure 6 presents the registration Graphical User Interface (GUI):

Figure 6. Registration Graphical User Interface

4.3. Authentication Module To login, the user first enters the username. The system then checks the validity of the username. If the

username does not exist, the user is notified and required to re-enter the username again. On the other hand, if the username exists, the authentication process will start with the randomized password selection screen.

The user is required to click on the password’s grids on the randomized location pass-image. If a password match is found, the authentication is completed. Otherwise, if a match is not found, the user is given 2 more attempts. After 3 attempts, the authentication fails and the account is locked. Figure 7 shows the authentication GUI:

Figure 7. Authentication Graphical User Interface

In addition the the functions mentioned, the system also has a module that allows users to change password.

5. Experiment Results First of all, functional test is done. The system is tested based on the functional requirement and non-

functional requirements as planned during the system planning. Following that, an experiment of image selection is done by using Harris corner detector to find the key

points of the pass-images. There are 3 categories of images tested by this experiment which are: nature scene, human and synthetic image – cartoon. Table 1 shows the number of key points in each image:

143

The nature scene images always have the highest number of key point and random distribute key points;

this is because the image of nature scene is very noisy. Human images are more smooth compared to nature scene, and the key points always concentrate on certain area, e.g. eyes and nose. Cartoon always has the fewest key points because there are make up by continuous line.

In other words, nature scene is the hardest to crack but without many memorable key points. Human and cartoon images are more user friendly because the key points are concentrated on certain areas, which is easy to be remembered by human.

6. Discussion In terms of usability, the registration and authentication processes are simple; users only need to key in

their username and click on the password. The users did not get confused during the system test phase. Besides, these processes are easy and fast. Users are allowed to proceed to their actual tasks with minimal time. A degree of tolerance is allowed to increase the system usability. Furthermore, the user interface of the system is simple and understandable to users on the first view. Lastly, the instructions are clear to guide new users on how to use the system.

On the security aspect, the large password space and dynamic position of password of the system provide high resistance to most common attack, e.g. brute-force search and shoulder-surfing attacks. The password is also easy to be remembered and hard to be guessed. In addition, the account will be locked after 3 attempts if the acceptance test is failed, this will further enhance the security of the system.

7. Conclusion The password problem has made it clear that there are problems with the usability and security of

traditional text-based passwords. These problems exist due to the limitation of human’s Long Term Memory. Throughout the last decade, several alternative mechanisms have been developed. However, due to the cost of hardware, security and usability reasons, traditional text-based password remain dominant.

The purpose of this project is to develop a usable and secure graphical authentication scheme as an alternative authentication system. Graphical password has been designed to overcome the text-based password problems. Graphical passwords are more memorable compared to text-based passwords.

A dynamic block-style scheme for graphical passwords is proposed in order to enhance the security and usability aspects in graphical passwords.

By implementing the dynamic block-style scheme, it provides larger password space than traditional text-based passwords. Beside that, certain degree of tolerance is allowed to increase the usability. In addition, selection of the image also affects the security and usability of the system. Simple images increase the usability, which are more users friendly and memorable. On the other hand, complex images are noisier and thus harder to be cracked, but user may be confused when entering the password. Our scheme allows users to choose their own pass-image.

In conclusion, by implementing the proposed dynamic block-style scheme, it is able to provide large password space and reduces registration and authentication time. Therefore, it enhances the security and usability in graphical passwords.

144

TABLE I. NUMBER OF KEY POINTS IN EACH IMAGE

8. Acknowledgment We thank Tan Chin Keong for implementing the system. This work is partially supported by research

grant "Projek Khas Pembantu Penyelidik kepada Pengetua Kolej Pertama R0029/2010A ".

9. References [1] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, “PassPoint: Design and longitudinal

evaluation of a graphical password scheme,” International Journal of Human Studies 63 (2005) 102-127.

[2] P.C. van Oorschot, A. Salehi-Abari, J. Thorpe. Purely automated attacks on Passpoints-style graphical passwords.IEEE Trans. Info. Forensics & Security, 5(3):393–405, 2010.

[3] S. Wiedenbeck, J. Waters, J. C. Birget, A. Brodskiy, and N. Memon, "Authentication using graphical passwords: Basic results," in Human-Computer Interaction International (HCII 2005). Las Vegas, NV, 2005.

[4] X. Suo, Y. Zhu, and G. S. Owen, “Graphical pass-words: A survey,” 21st Annual Computer Security Applications Conference (ACSAC), pp. 463–472,Dec. 5-9, 2005.

[5] I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, “The design and analysis of graphical passwords,” in Proc. of 8th USENIX Security Symp., 1999.

[6] P. Dunphy and J. Yan, Do Background ImagesImprove “Draw a Secret”, Proceedings of the 14th ACM conference on Computer andcommunicationssecurity,Session:Authentication and passwords, Alexandria,Virginia, USA, pp. 36-47, 2007.

[7] RealUser, "www.realuser.com," last accessed in June 2011.

[8] P. Dunphy, J. Nicholson, and P. Olivier, “Securing Passfaces for description,” in 4th ACM Symposium on Usable Privacy and Security(SOUPS), July 2008.

[9] C. I. Podilchuk, E. J. Delp, “Digital Watermarking: Algorithms and Applications,” IEEE Signal Processing Magazine, July 2001.

145