際際滷

際際滷Share a Scribd company logo
Presented By :
Nishit Jain
Arifullah Khan
Prajwal Kondawar
Nitin Walke
Guided By :
Chaitali Chandankhede
OUTLINE
 Idea in a Nutshell
 Previous Work
 Our Solution
 Working
 Why Better ?
 Future Enhancements
 Conclusion
2/1
IDEA IN A NUTSHELL
 What is MGPS ?
 Mutating Graphical Password System
 Pattern-Based
 Pattern to text mapping
3/15
 Text-Based Password
 Advantages :
 Well-Known
 High Resistance To Shoulder Surfing
 Limitations :
 Password Complexity
 Recall Failure
PREVIOUS WORK
4/15
PREVIOUS WORK
 Graphical Password
 Click-Based Password
 Draw-A-Secret
 Composite-Scene-Authentication
 Image Based Authentication
5/15
PREVIOUS WORK
 Graphical Password
 Advantages :
 Easy Recall
 Ease Of Use
 Limitations :
 Very Poor Resistance To Shoulder Surfing
6/15
OUR SOLUTION
MGPS
TEXT-BASED GRAPHICAL
 Resistance To
Shoulder Surfing
 Easy Recall
 Ease Of Use
Hybrid System Of Traditional Text-Based And Modern Graphical Password Techniques
7/15
WORKING
REGISTRATION FLOWCHART
START
Display 8*8 Grid
Enter Password
Length >=5?
Generate Hash
Sequence Of The
Entered Password
Update Database
END
Length Too
Short
Yes
No
8/15
Entered Password Is :
a1 a2 a3 a4 a5 a6 a7 a8
b1 b2 b3 b4 b5 b6 b7 b8
c1 c2 c3 c4 c5 c6 c7 c8
d1 d2 d3 d4 d5 d6 d7 d8
e1 e2 e3 e4 e5 e6 e7 e8
f1 f2 f3 f4 f5 f6 f7 f8
g1 g2 g3 g4 g5 g6 g7 g8
h1 h2 h3 h4 h5 h6 h7 h8
b2
b2-> f2-> f6
f2 f6
WORKING
REGISTRATION PHASE
Hash Value : A7FD9EBC210F
Hashing
Internal Representation :
(b2f2f6)
Hash Value is stored in the file as the users password
9/15
WORKING
LOGIN FLOWCHART
START
Generate New
Randomized Grid
Enter Next Vertex
Of The Password
Last Vertex
Entered?
Determine Vertex
Position ON Grid
Retrieve Hash
Sequence Of The
Original Password
Hash
Sequence
Matched?
Successful Login
END
No
No
Yes
Yes
Construct Final
Hash Sequence Of
The Password
10/15
WORKING
LOGIN PHASE
USERNAME :
PASSWORD :
MIT
W8 Q4R3
W8
R3 Q4
 The password W8R3Q4 is internally
recognized as the sequence b2f2f6.
 The Hash Value of this sequence is matched
against the file.
 If the match is found, corresponding user is
successfully logged into the system.
11/15
WHY BETTER ?
Sr. No. Types Of Attacks Vulnerability
Text-Based Passwords Previous GPS MGPS
1. Brute-force High Moderate Low
2. Dictionary High NA NA
3. Shoulder Surfing Moderate High Very Low
4. Guessing High Moderate Low
5. Key Logging Very High Negligible Negligible
6. Rainbow Tables Moderate Moderate Comparatively Low
12/15
FUTURE ENHANCEMENTS
 Implementation on Network Client-Server
Architecture
 Devising methods to improve the memorability for
complex passwords
 Optimization for low memory hand-held devices
13/15
CONCLUSION
 Our system is very much resistant to various attacks
which are possible on the current password systems.
 Combination of graphical pattern and textual input
makes the system unique in its own way.
14/15
15/15

More Related Content

Major_Project

  • 1. Presented By : Nishit Jain Arifullah Khan Prajwal Kondawar Nitin Walke Guided By : Chaitali Chandankhede
  • 2. OUTLINE Idea in a Nutshell Previous Work Our Solution Working Why Better ? Future Enhancements Conclusion 2/1
  • 3. IDEA IN A NUTSHELL What is MGPS ? Mutating Graphical Password System Pattern-Based Pattern to text mapping 3/15
  • 4. Text-Based Password Advantages : Well-Known High Resistance To Shoulder Surfing Limitations : Password Complexity Recall Failure PREVIOUS WORK 4/15
  • 5. PREVIOUS WORK Graphical Password Click-Based Password Draw-A-Secret Composite-Scene-Authentication Image Based Authentication 5/15
  • 6. PREVIOUS WORK Graphical Password Advantages : Easy Recall Ease Of Use Limitations : Very Poor Resistance To Shoulder Surfing 6/15
  • 7. OUR SOLUTION MGPS TEXT-BASED GRAPHICAL Resistance To Shoulder Surfing Easy Recall Ease Of Use Hybrid System Of Traditional Text-Based And Modern Graphical Password Techniques 7/15
  • 8. WORKING REGISTRATION FLOWCHART START Display 8*8 Grid Enter Password Length >=5? Generate Hash Sequence Of The Entered Password Update Database END Length Too Short Yes No 8/15
  • 9. Entered Password Is : a1 a2 a3 a4 a5 a6 a7 a8 b1 b2 b3 b4 b5 b6 b7 b8 c1 c2 c3 c4 c5 c6 c7 c8 d1 d2 d3 d4 d5 d6 d7 d8 e1 e2 e3 e4 e5 e6 e7 e8 f1 f2 f3 f4 f5 f6 f7 f8 g1 g2 g3 g4 g5 g6 g7 g8 h1 h2 h3 h4 h5 h6 h7 h8 b2 b2-> f2-> f6 f2 f6 WORKING REGISTRATION PHASE Hash Value : A7FD9EBC210F Hashing Internal Representation : (b2f2f6) Hash Value is stored in the file as the users password 9/15
  • 10. WORKING LOGIN FLOWCHART START Generate New Randomized Grid Enter Next Vertex Of The Password Last Vertex Entered? Determine Vertex Position ON Grid Retrieve Hash Sequence Of The Original Password Hash Sequence Matched? Successful Login END No No Yes Yes Construct Final Hash Sequence Of The Password 10/15
  • 11. WORKING LOGIN PHASE USERNAME : PASSWORD : MIT W8 Q4R3 W8 R3 Q4 The password W8R3Q4 is internally recognized as the sequence b2f2f6. The Hash Value of this sequence is matched against the file. If the match is found, corresponding user is successfully logged into the system. 11/15
  • 12. WHY BETTER ? Sr. No. Types Of Attacks Vulnerability Text-Based Passwords Previous GPS MGPS 1. Brute-force High Moderate Low 2. Dictionary High NA NA 3. Shoulder Surfing Moderate High Very Low 4. Guessing High Moderate Low 5. Key Logging Very High Negligible Negligible 6. Rainbow Tables Moderate Moderate Comparatively Low 12/15
  • 13. FUTURE ENHANCEMENTS Implementation on Network Client-Server Architecture Devising methods to improve the memorability for complex passwords Optimization for low memory hand-held devices 13/15
  • 14. CONCLUSION Our system is very much resistant to various attacks which are possible on the current password systems. Combination of graphical pattern and textual input makes the system unique in its own way. 14/15
  • 15. 15/15