A press touch code based secure graphical password scheme for smart devices

Currently, smart devices are carried around by a large number of people and become daily companions. In parallel to their popularities, the security threats are also increasing at a greater ratio; therefore, a considerable number of attacks have been noted in the recent past. To resist these attacks...

Full description

Bibliographic Details
Main Author: Al Noman Ranak, Md Sayfullah
Format: Thesis
Language:English
Published: 2018
Subjects:
Online Access:http://umpir.ump.edu.my/id/eprint/24819/
http://umpir.ump.edu.my/id/eprint/24819/
http://umpir.ump.edu.my/id/eprint/24819/1/A%20press%20touch%20code%20based%20secure%20graphical%20password.pdf
Description
Summary:Currently, smart devices are carried around by a large number of people and become daily companions. In parallel to their popularities, the security threats are also increasing at a greater ratio; therefore, a considerable number of attacks have been noted in the recent past. To resist these attacks, many passwords-based graphical authentication schemes are proposed. They could be broadly classified as Drawmetric scheme, Locimetric scheme, and Cognometric scheme. However, most of these schemes are not screen size independent; whereas, smart devices come in different sizes. Specifically, they are not suitable for miniature smart devices due to the small screen size and/or lack of full sized keyboards. In this thesis, a new screen size independent secure authentication scheme has been proposed, which also offers an affordable defense against shoulder surfing attack. Besides the screen size independency it is also offering resilience against smudge attack and brute force attack. In the proposed scheme, the Press Touch (PT)—also known as, Force Touch in Apples MacBook, Apple Watch, ZTEs Axon 7 phone; 3D Touch with iPhone 6 and 7; and so on—is transformed into a new type of code, named Press Touch Code(PTC). Three variants of it are designed and implemented, namely mono-PTC, multi-PTC, and multi-PTC with Grid, on the Android Operating System. An in lab experiment and a comprehensive survey have been conducted to evaluate the effectiveness of the proposed scheme. The lab experiment has been performed to discover the resilience of the system against the shoulder surfing attack. In addition, to determine the usability of the proposed scheme a comprehensive survey involving 105 perticipants has been conducted. The experimental results demonstrate that the proposed scheme offers a higher resilience against shoulder surfing attack over the existing related authentication schemes. Again, positive responses founded, after analyzing the survey feedbacks ; and they admit that the proposed scheme is easy to use.