Title: Trustworthy Computing in My Mind: A Case Study on Visual Password
Shujun Li
Visiting Student at VC Group, Microsoft Research Asia
Institute of Image Processing, Xi'an Jiaotong University
April, 2002
Table of Contents

- What is Trustworthy Computing?
- Does Perfect Trustworthiness Exist?
- How to Increase Trustworthiness?
- A Case Study: Visual Password
  - What/Why/How about Visual Password
  - Some Proposed Schemes
  - A Comparison Between Visual Password and Textual Password from the Trustworthy Viewpoint
  - Problems, Principles and Solutions
1. What is Trustworthy Computing?

- "Trustworthy computing is a label for a whole range of advances that have to be made for people to be as comfortable using devices powered by computers and software as they are today using a device that is powered by electricity." (Microsoft White Paper, Trustworthy Computing)
- Trustworthy computing is a multi-dimensional set of issues: good availability for almost all needs requested by the users, acceptable reliability of the provided services, high security of users' data and system configurations, recoverability of damaged systems and lost data, full control of users' data only by themselves in suitable manners, great reputation of the service providers, etc.
2. Does Perfect Trustworthiness Exist?

- Nothing is perfect. We can only provide ENOUGH trustworthiness in practice.
- It is very hard to give a right definition of trustworthiness. Trustworthiness is a complicated concept in both the technical and the social world.
- An architecture built on diversity is robust, but it also operates on the edge of chaos. As a natural result, it is very difficult to exactly analyze the trustworthiness of
- Trade-offs exist between the different requirements of perfect trustworthiness. For example, higher security always corresponds to less usability, and higher trustworthiness needs more cost in many cases.
3. How to Increase Trustworthiness?

- Avoid using insecure code
- Trustworthiness first, not new features
- Adopt suitable algorithms to protect the security and integrity of users' data and systems
- Keep in mind that a computing system is only as trustworthy as its weakest link
- User-centered design, coding and support
- Keep things simple to enhance usability and long-term, large-scale reliability
- More redundancy tends to mean less risk
4a. A Case Study: Visual Password

- What is Visual Password?
  - The user interface by which one can generate a password with graphical/visual operations, such as moving and clicking the mouse on a picture.
- Why Use Visual Password?
  - It may provide higher trustworthiness than the traditional textual password.
- How to Make Visual Password?
  - Some schemes have been proposed; we will briefly introduce and analyze those ideas. Some principles and more potential solutions will also be discussed.
4b. Some Proposed Schemes

- Drawing-Based Visual Password: I. Jermyn's Graphical Password for PDA
- Visual Password Based on Selected Secret Pictures from a Picture Database: PassFace™ and the Déjà Vu System
- Click-by-Click Visual Password: Blonder's Patent, PassPic™, Passlogix v-GO™ Graphical Password Window, Darko Kirovski's System (Microsoft)
- More details about the proposed schemes are needed for further investigation.
4c. A Comparison Between Visual Password and Textual Password

Usability
  Textual Password: Inconvenient for young children and the blind
  Visual Password:  Inconvenient for the blind

Memorizability / Security against Dictionary Attack
  Textual Password: Easily-memorizable passwords are weak against dictionary attack, while good ones are generally hard to memorize.
  Visual Password:  Many strong passwords may be easily memorized. Dictionary attack becomes harder.

Security against Shoulder-Surfing Attack
  Textual Password: The slower the typing speed, the weaker the security.
  Visual Password:  All proposed schemes cannot resist shoulder-surfing attack.
4d. Problems: How to Resist Shoulder-Surfing Attack?

- How does a shoulder-surfing attack work?
  - Once an impostor peeps at a legal user's login actions, he can repeat those actions to cheat the login system, without guessing the right password behind such login actions.
- How to resist shoulder-surfing attack?
  - The login operations of different logins must not be the same. We call such a feature time-variant login-actions.
- How to obtain the time-variant property?
  - A pseudo-randomization mechanism may be helpful.
4d. Principles: Visual Password

- Larger strong-key space than textual password
- Similar or better usability than textual password: a) easy user interface, b) good memorizability
- Resistance to shoulder-surfing attack. Is such a capability possible? (Clue: a shoulder-surfing attacker can see what you can see and understand what you can understand; people hate the hard deduction required by time-variant login-actions.)
- Acceptable solution of the trade-off between usability and security
4d. Solutions: A Theoretical Model of a Visual Password Login System Resisting Shoulder-Surfing Attack

Here, the PCNL should satisfy the following requirement: deducing the actions in the next login is easy enough for legal users who know the password, but hard enough for illegal users who have monitored your previous logins.
4d. Problems: Is a Practical PCNL Possible?

- In fact, a PCNL is a trapdoor function from the cryptographic viewpoint.
- Human beings are not machines and hate complicated deduction; a PCNL MUST be easy enough for any user, including young children.
- Legal users may forget what they input in the last login, so clues should be given to remind them. Considering that such clues may also be peeped at by an impostor, they should not provide useful information to him under the assumption that he does not know the password.
- So far I have not found a really practical PCNL. Does a practical PCNL exist? We try to find the answer.
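As an added illustration (not part of the original slides, nor the scheme of any product they cite), the Python below simulates the pseudo-randomization idea from the shoulder-surfing slide: each login shows the picture grid in a layout derived from a server key and a per-login nonce, so the click positions recorded in one login do not verify in the next. The 4x4 grid, the HMAC-based layout derivation, the key and the three-cell secret are all constructed assumptions.

```python
"""Toy simulation of "time-variant login-actions" for a click-based visual
password: a 4x4 grid of picture cells is shown in a fresh pseudo-random
layout on every login, so the click positions recorded from one login are
useless on the next.  Grid size, layout derivation and secret are all
constructed for illustration and belong to no real product."""
import hashlib
import hmac

GRID = 16                   # 4x4 grid, cells numbered 0..15
SECRET_CELLS = (3, 7, 12)   # constructed password: three secret cells, in order


def layout_for_login(server_key: bytes, nonce: bytes) -> list:
    """Pseudo-random permutation: layout[position] = cell displayed there.
    Keyed with HMAC so the server can recompute it from the nonce it issued,
    while nobody without server_key can predict the next layout."""
    seed = hmac.new(server_key, nonce, hashlib.sha256).digest()
    cells, layout = list(range(GRID)), []
    for step in range(GRID):
        # one keyed hash per draw, Fisher-Yates style selection from the rest
        digest = hashlib.sha256(seed + step.to_bytes(4, "big")).digest()
        layout.append(cells.pop(int.from_bytes(digest[:4], "big") % len(cells)))
    return layout


def user_clicks(layout: list, secret: tuple) -> list:
    """Legitimate user: locate each secret cell in this login's layout and click it."""
    return [layout.index(cell) for cell in secret]


def verify(layout: list, clicks: list, secret: tuple) -> bool:
    """Server side: map clicked positions back to cells and compare in order."""
    return tuple(layout[pos] for pos in clicks) == secret


def replay_succeeds(server_key: bytes, nonce1: bytes, nonce2: bytes,
                    secret: tuple = SECRET_CELLS) -> bool:
    """Observer recorded only the click positions of login 1 and repeats them
    on login 2, which was issued a different nonce and hence a new layout."""
    recorded = user_clicks(layout_for_login(server_key, nonce1), secret)
    return verify(layout_for_login(server_key, nonce2), recorded, secret)


if __name__ == "__main__":
    key = b"constructed-server-key"
    lay = layout_for_login(key, b"login-0002")
    print("legitimate login accepted:", verify(lay, user_clicks(lay, SECRET_CELLS), SECRET_CELLS))
    print("replayed login-1 clicks accepted:", replay_succeeds(key, b"login-0001", b"login-0002"))
```

The mapping that verify performs is exactly what an observer who watched the screen as well as the clicks can perform, which is the clue on the Principles slide: a shuffled layout defeats replay of raw positions but not a shoulder-surfer who sees what the user sees, so it does not by itself meet the PCNL requirement.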
4d. Solutions: More Fresh Ways?

- More Click-by-Click Visual Passwords: Visual Password Based on Clicking Picture Properties, such as the differences between a pair of pictures, the relations between two countries in a world map, or the geometric properties of elements in a computer painting.
- Visual Passwords Based on Specially-Designed Input Devices: a) a device tracking the user's eyes, b) a strange mouse that can generate a password from one's touching different parts of it, c) strange glasses that can generate different scenes from different view directions with enough sensitivity.
Thanks for watching, and for your advice!