Hybrid Graphical User Authentication Scheme Using Grid Code

Hybrid Graphical User Authentication Scheme Using Grid Code
  IJETT-book-cover           
  
© 2021 by IJETT Journal
Volume-69 Issue-5
Year of Publication : 2021
Authors : Salim Istyaq, Afrah Nazir, Mohammad Sarosh Umar
DOI :  10.14445/22315381/IJETT-V69I5P223

How to Cite?

Salim Istyaq, Afrah Nazir, Mohammad Sarosh Umar, "Hybrid Graphical User Authentication Scheme Using Grid Code," International Journal of Engineering Trends and Technology, vol. 69, no. 5, pp. 166-176, 2021. Crossref, https://doi.org/10.14445/22315381/IJETT-V69I5P223

Abstract
Security is an essential part of any organization, due to the fact that it protects our resources such as confidential data and information from third-party access point. Numerous algorithms and models are developed for a search of better protection. But they have limited protection shields or they have some bugs, which allows a hacker to access the principle framework. Consequently, numerous security systems are implemented utilizing various methodologies of which one is graphical based security. Here, we propose a security system based on text as well as graphical password that works on the generation of Unique Grid Code (UGC) for each selected image by the user for their password. Our system’s most significant security highlight is that it assigns a unique code for each selection, composed of coordinated selected image, which will also vary from one image to another.

Keywords
OTP, UGC, Matrix Authentication, Passface, Shoulder Surfing, HGC

Reference
[1] F. Syukri, E. Okamoto, and M. Mambo, A user identification system using signature written with mouse, in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 1438(1998) 403–414, doi: 10.1007/bfb0053751.
[2] C. P. Katsini, C. Fidas, M. Belk, G. Samaras and N. Avouris, A Human-Cognitive Perspective of Users’ Password Choices in Recognition-Based Graphical Authentication, International Journal of Human–Computer Interaction, 2019, doi:10.1080/10447318.2019.1574057.
[3] D. Weinshall and S. Kirkpatrick, Passwords you’ll never forget, but can’t recall, 2004, doi: 10.1145/985921.986074.
[4] E. K. Wang, C. M. Chen, D. Zhao, W. H. Ip and K. L. Yung, A dynamic trust model in internet of things, Soft Computing, 24(8)(2020) 5773-5782.
[5] F. Towhidi and M. Masrom, A Survey on Recognition Based Graphical User Authentication Algorithms, Dec. 2009, [Online] Available: http://arxiv.org/abs/0912.0942.
[6] Fujitsu integrates PalmSecure with Passlogix v-GO SSO, Biometric Technol. Today, 2010(9)(2010)2, doi: 10.1016/s0969-4765(10)70176-4.
[7] H. Gao, Z. Ren, X. Chang, X. Liu, and U. Aickelin, A new graphical password scheme resistant to shoulder-surfing, in Proceedings - 2010 International Conference on Cyberworlds, CW 2010, 2010, 194–199, doi: 10.1109/CW.2010.34.
[8] H. Xiong, Y. Wu, C. Jin, and S. Kumari, Efficient and privacy- preserving authentication protocol for heterogeneous systems in IIOT, IEEE Internet of Things Journal, 2020.
[9] H. Zhao and X. Li, S3PAS:A Scalable shoulder-surfing resistant textual-graphical password authentication scheme, 2007, doi: 10.1109/AINAW.2007.317.
[10] H. Zhu, X. Wang, C. M. Chen, and S. Kumari, Two novel semi-quantum-reflection protocols applied in connected vehicle systems with blockchain, Computers & Electrical Engineering, 86(2020) 106714.
[11] I. Jermyn, A. Mayer, F. Monrose, M. K. Reiter, and A. D. Rubin, The design and analysis of graphical passwords, 1999.
[12] J. C. Sobardo, L.Birget, “Graphical Passwords, The Rutgers Scholar, An Electronic Bulletin for Undergraduate Research, 4(2002).
[13] J. Goldberg, J. Hagman, and V. Sazawal, Doodling our way to better authentication, in Conference on Human Factors in Computing Systems - Proceedings, (2002)868–869, doi: 10.1145/506621.506639.
[14] J. H. Hsiao, R.Tso, C. M. Chen, and M. E. Wu, Decentralized e-voting systems based on the blockchain technology, in Advances in Computer Science and Ubiquitous Computing, pp. 305-309, Springer, Berlin, Germany, 2017.
[15] L. Xie, Y. Ding, H. Yang and X. Wang, Blockchain based secure and trustworthy internet of things in SDN-enabled 5g-VANETs, IEEE Access, 7(2019) 56 656-56 666.
[16] M. S. Umar and M. Q. Rafiq, A graphical interface for user authentication on mobile phones, 2011.
[17] M. S. Umar and M. Q. Rafiq, Select-to-Spawn: A novel recognition-based graphical user authentication scheme, 2012, doi: 10.1109/ISPCC.2012.6224382.
[18] M. S. Umar and Salim Istyaq, Encoding Passwords using QR Image for Authentication, IEEE Xplore Digit. Libr., 2016.
[19] M. Sulzmann and K. Z. M. Lu, “A type-safe embedding of XDuce into ML,” 2019, doi: 10.1016/j.entcs.2005.11.047.
[20] P. Golle and D. Wagner, Cryptanalysis of a cognitive authentication scheme, in Proceedings - IEEE Symposium on Security and Privacy, (2017) 66–70, doi: 10.1109/SP.2017.13.
[21] R. Dhamija and A. Perrig, Déjà Vu: A user study using images for authentication, 2000.
[22] S. A. A. Shah, E. Ahmed, M. Imran, and S. Zeadally, 5G for vehicular communications, IEEE Communications Magazine, 56(1)(2018) 111-117.
[23] S. Istyaq, SALIM-WASET, World Acad. Sci. Eng. Technol., 10(2016), [Online] Available: https://www.researchgate.net/publication/309179512_Hybrid_Authentication_System_Using_QR_Code_with_OTP.
[24] Symnatec, 2014 INternet Security Threat report, Symantec Corp. Internet Secur. Threat Rep., 2013.
[25] S. Man, D. Hong, and M. Matthews, A shoulder-surfing resistant graphical password scheme - WIW, in Proceedings of the International Conference on Security and Management, 1(2003) 105–111.
[26] S. Xiaoyuan, Z. Ying, and G. S. Owen, Graphical passwords: A survey, in Proceedings - Annual Computer Security Applications Conference, ACSAC, 2005, (2005) 463–472, doi: 10.1109/CSAC.2005.27.
[27] V. Mahindrakar, DIGITAL INDIA: ‘A Program to Transform India into a Digitally Empowered Society and Knowledge Economy, Int. J. Adv. Eng. Res. Technol., 5(9)(2017) 705–708,[Online]. Available: www.ijaert.org.
[28] W. A. Jansen, Authenticating Users on Handheld Devices, Proc. Can. Inf. Technol. Secur. Symp., 2003.
[29] W. Jansen, Authenticating Mobile Device User through Image Selection, 2004.
[30] Z. Zheng, X. Liu, L. Yin, and Z. Liu, A hybrid password authentication scheme based on shape and text, J. Comput., 5(5)(2010) 765–772, doi: 10.4304/jcp.5.5.765-772.