Pass-image authentication method tolerant to random and video-recording attacks

Yutaka Hirakawa, Motohiro Take, Kazuo Ohzeki

Research output: Contribution to journalArticle

Abstract

User authentication is widely used in many Internet services and is also used by automatic teller machines (ATMs). Recently, there has been an increase in the ATM password thefts using small charge-coupled device cameras. This study discusses a user authentication method in which graphical passwords, instead of alphanumeric ones as, are used to mitigate observation attacks. Several techniques for password authentication have been discussed in various studies. However, there has not been sufficient research on authentication methods that use pass-images instead of pass-texts. This study proposes a user authentication method that is tolerant to serious attacks when a user's pass-image selection operation is video recorded twice. In addition, usage guidelines recommending eight pass-images are proposed, and the corresponding security strength is evaluated.

Original languageEnglish
Pages (from-to)20-36
Number of pages17
JournalInternational Journal of Computer Science and Applications
Volume9
Issue number3
Publication statusPublished - 2012

Fingerprint

Video recording
Authentication
Automatic teller machines
CCD cameras
Internet

Keywords

  • Graphical password
  • Random attack
  • User authentication
  • Video-recording attack

ASJC Scopus subject areas

  • Computer Science Applications

Cite this

Pass-image authentication method tolerant to random and video-recording attacks. / Hirakawa, Yutaka; Take, Motohiro; Ohzeki, Kazuo.

In: International Journal of Computer Science and Applications, Vol. 9, No. 3, 2012, p. 20-36.

Research output: Contribution to journalArticle

@article{a71ed70b95014293a91e42df85853bdd,
title = "Pass-image authentication method tolerant to random and video-recording attacks",
abstract = "User authentication is widely used in many Internet services and is also used by automatic teller machines (ATMs). Recently, there has been an increase in the ATM password thefts using small charge-coupled device cameras. This study discusses a user authentication method in which graphical passwords, instead of alphanumeric ones as, are used to mitigate observation attacks. Several techniques for password authentication have been discussed in various studies. However, there has not been sufficient research on authentication methods that use pass-images instead of pass-texts. This study proposes a user authentication method that is tolerant to serious attacks when a user's pass-image selection operation is video recorded twice. In addition, usage guidelines recommending eight pass-images are proposed, and the corresponding security strength is evaluated.",
keywords = "Graphical password, Random attack, User authentication, Video-recording attack",
author = "Yutaka Hirakawa and Motohiro Take and Kazuo Ohzeki",
year = "2012",
language = "English",
volume = "9",
pages = "20--36",
journal = "International Journal of Computer Science and Applications",
issn = "0972-9038",
publisher = "Technomathematics Research Foundation",
number = "3",

}

TY - JOUR

T1 - Pass-image authentication method tolerant to random and video-recording attacks

AU - Hirakawa, Yutaka

AU - Take, Motohiro

AU - Ohzeki, Kazuo

PY - 2012

Y1 - 2012

N2 - User authentication is widely used in many Internet services and is also used by automatic teller machines (ATMs). Recently, there has been an increase in the ATM password thefts using small charge-coupled device cameras. This study discusses a user authentication method in which graphical passwords, instead of alphanumeric ones as, are used to mitigate observation attacks. Several techniques for password authentication have been discussed in various studies. However, there has not been sufficient research on authentication methods that use pass-images instead of pass-texts. This study proposes a user authentication method that is tolerant to serious attacks when a user's pass-image selection operation is video recorded twice. In addition, usage guidelines recommending eight pass-images are proposed, and the corresponding security strength is evaluated.

AB - User authentication is widely used in many Internet services and is also used by automatic teller machines (ATMs). Recently, there has been an increase in the ATM password thefts using small charge-coupled device cameras. This study discusses a user authentication method in which graphical passwords, instead of alphanumeric ones as, are used to mitigate observation attacks. Several techniques for password authentication have been discussed in various studies. However, there has not been sufficient research on authentication methods that use pass-images instead of pass-texts. This study proposes a user authentication method that is tolerant to serious attacks when a user's pass-image selection operation is video recorded twice. In addition, usage guidelines recommending eight pass-images are proposed, and the corresponding security strength is evaluated.

KW - Graphical password

KW - Random attack

KW - User authentication

KW - Video-recording attack

UR - http://www.scopus.com/inward/record.url?scp=84872778899&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84872778899&partnerID=8YFLogxK

M3 - Article

VL - 9

SP - 20

EP - 36

JO - International Journal of Computer Science and Applications

JF - International Journal of Computer Science and Applications

SN - 0972-9038

IS - 3

ER -