Graphical Password Authentication

Cloud securing scheme

ShraddhaM. Gurav
Computer Department
Mumbai University
RMCET
Ratnagiri ,India.
guravsm292@gmail.com

Leena S. Gawade
Computer Department
Mumbai University
RMCET
Ratnagiri ,India.
lgleena90@gmail.com

Prathamey K. Rane
Computer Department
Mumbai University
RMCET
Ratnagiri ,India.
prathamey@gmail.com

Nilesh R. Khochare
Computer Department
Mumbai University
RMCET
Ratnagiri,India.
nileshkhochare@gmail.com

Abstract-Graphical password is one of the alternativesolution to
alphanumeric password as it is very tedious process to
remember alphanumeric password. When any application is
provided with user friendly authentication it becomes easy to
access and use that application. One of the major reasons behind
this methodis according to psychological studies human mind
can easily remember images than alphabets or digits. In this
paper we are representing the authentication given to cloud by
using graphical password. We have proposed cloud with
graphical security by means of image password. We are
providing one of the algorithms which are based on selection of
username and images as a password. By this paper we are trying
to give set of images on the basis of alphabet series position of
characters in username. Finally cloud is provided with this
graphical password authentication. [1]
Keywords: Graphical password, cloud security.
I. INTRODUCTION
When anyone wants to access the network, for security
purposes every web application provides user authentication.
From ancient days secret data or code is used for hiding and
giving security to information. In user authentication the
process which we have to pass through is username and
password. Authentication process divided into Token based
authentication, Biometric based authentication and
Knowledge based authentication. Most of the web application
provides knowledge based authentication which include
alphanumeric password as well as graphical password.In
todays changing world when we are having number of
networks and personal account some sort of easy
authentication [6] schema need to be provided.This paper is
based on securing cloud by using graphical password. Cloud
security can also be givenby alphanumeric password but thing
matter is that use of alphanumeric is not that much of secure
and easy to remember. One more important thing is that every
time users have recalled the password. User have to give
priority to security beyond their need so as to satisfy their
work.[3]
II.RELATED WORK
A. Image based scheme
Image-based schemes use images including photo
graphics, artificial pictures, or other kind of images as
background. Based on the number of images displayed, we
further divide image-based schemes into two subclasses:
single-image schemes and multiple-image schemes.[9]
1) Single-image based: Single-image based schemes,
Single image is provided to user, they have to
selectparticular points.


Fig 1.Blonder scheme Fig 2.Viskey


2014 International Conference on Electronic Systems, Signal Processing and Computing Technologies
978-1-4799-2102-7/14 $31.00 2014 IEEE
DOI 10.1109/ICESC.2014.90
479

Fig 3.Passpoints

2) Multiple-image based: In this scheme number of
imageswill provided to user they have to select one or
more of them.


Fig.4 Pass faces Fig.5 Story scheme



Fig.6. Deja Vu Fig.7 Picture password

3) Advantages
User can easily remember the password as it given
in images.
4) Disadvantages
Image based password is very long process user
have to pass through selection of number of
images.
It consumes users time also.

B. Grid based scheme
In this scheme graphical password is at grid background.

Fig.8 DAS (draw-a-secret) scheme
1) Advantages
There no need to store graphical database at server-
side.
Grid is simple object there are no extra displays are
needed.
2) Disadvantages
During authentication the sequence can be changed
or grids may be different as it is a drawing.

C. Triangle scheme
In this scheme user is provided with convex surface.
Users have to select the points from that forming particular
triangle.

Fig 9.Triangle scheme
1) Advantages
In this scheme the display is very crowded so not
able to guess the password.
Numbers of images shown are almost same, it is
difficult to distinguish.
2) Disadvantages
As it has convex surface assigning process takes
longer time and number of attempts.

D. Hybrid textual authentication
In this scheme user have to rate the number so as to
find the particular color sequence and have to remember that.


Fig 10.Hyrid authentication
1) Advantages
In this method colors are already given user only
have to remember the rating.
Very easy to assign no special algorithm is used.
2) Disadvantages
It is somewhat difficult to remember colors with
sequence.

480
E. Signature based scheme
In this scheme user signature is used for password
which is mentioned in system.

Fig 11.Signature based scheme[11]
1) Advantages
Signature of anyone cannot be copied as it is.
Small mistake in signature can denied the access.
2) Disadvantages
Remembering the grid of signature is not a simple
task.

III. THE PROPOSED WORK AND TOOL
A. How to start
When one starts the cloud service they will be provided
with options to select. For registration user have to pass
through authentication process. In that on the basis of
username, process will be started at the server-side. Set of
images which will be provided to user are based on result of
calculation.
Username: ABCD

B. Calculations on the basis of username
At the server-side position of usernames alphabet in
alphabet series will be calculated. Then addition of all the
positions is done. First digit of that sum will be considered for
further calculations.
Alphabets A B C D
Position 01 02 03 04

Finding the set to be assigned


Calculation of result: A+B+C+D=1+2+3+4=10


This first digit is 1, forwarded for further calculation.

C. Assigning set of images
There are total 26 alphabets present in alphabet series.
We know that any two digit number can startwith number 1-9
itself.Server has already made set of images. Set of images
will be assigned according to result of calculation which
server has got at the second step. 1-9 numbers will be
assigned to that sets like

A B C D E F G H I
1 2 3 4 5 6 7 8 9

Means what if first digit is 1,then set assigned to it will set
of A. If first digit is 2, then set assigned to it will be B.

D. Selection of password
In this complete password is divided in two sections
first is based on user selection, second is based on server
provided sets of images. For user selection, from given set of
images user has to select two images as the password. From
sever end two images will be provided to user so as to form
complete password.
Flow of Proposed System

Set of images:




Each set will contain 100 different images.

Username calculation:
A=1, B=2, C=3,.Y=25, Z=26.
If username is ABCD then sum is=

If username is LMNO then sum is=

1 and 5 are forwarded for further calculation.

Assigning set of images:
For username ABCD as sum is 10 and 1 is forwarded


For username LMNO as sum is 54 and 5 is forwarded



Selection of password;
For username ABCD For username LMNO
Set is Set is



+ + +



Users have to select 2 images from 100 and two will be from
server-side.
Set A Set B Set E Set D Set C
Set F Set I Set G Set H
1+2+3+4=10
12+13+14+15=54
Set of images will be assigned of A
Set of images will be assigned of E
Set A Set B
2 1 2 1
Sever side2
Images
Sever side2
Images
Complete password Complete password
481
Flowchart of Proposed System

In this method when any user try to access the cloud
services they will be provided with two options sign in and
sign up . At server side calculation in sign up registration is
made for user. User have to enter the username based on that
particular image set which will be provided to them on the
basis of algorithm. In this algorithm first username is
checked. After calculation set of images will be provide to
user. User have to select two images as client side selection
and other two will be given from server side as server side
selection.So the complete password will be stored in database
of server. In sign in the user have to give username which he
or she has given during sign in and select the password from
given set of images. Validation of user is done then cloud
access is given to particular user. They access their account
with uploading and downloading facility.

Fig 12. Flowchart for Proposed System

IV. COMPARISON WITH OTHER METHODS

Drawback is that if one user has number of
accounts, to remember all those passwords, is
simply not possible.
In some of the cases it may happen that one can
forget the password when there is no frequent
use of particular account.
Providing simple password can also be one
solution to that, but they are easily guessable. So
there has to be some technique for security.
Password can be provided using multiple ways,
but there are different drawbacks of that which
can be overcome by graphical password.[1][2]
Most of todays authentication scheme
provides username and password of at least
eight characters so it become too large to
remember.[3]

Why to choose graphical password for cloud
security
Graphical password provides more security than
alphanumeric password. Most of the alphanumeric
authentication choose a plain text or easy password to
avoiding the confusion. whenever we confirm the
alphanumeric password there is some hint option
provided, using this hackers can easily gain entry to the
system in less time. Most of the system provides image
related password i.e. Graphical password. In this method
selectable images are used , user can have more number of
images on each page and among all of this password is
selected. Images are different for each case, so if hackers
try to match the each combination to find the correct
password it will take millions of year. In alphanumeric
password eight characters password is needed to gain
entry of particular system, but in graphical password user
have to select the images that in front of him/her and
confirm the password. Whenever user pass through the
authentication process it is easy to remember images
whatever they have chosen previously. Graphical
password is providing more memorable password than
alphanumeric password which can reduce theburden on
brain of user.[4]





Upload
Accessing cloud services
Stop
Logout successful
Server-side storage of
password
Download
Access to cloud account
Valid
password
Select the password images
Server-side calculation
Enter username
Sign in
Registration successful
Formation of complete password
Provided images
Enter username
Registration
Sign up
Start
Server-side calculation
Set of images provided
Select password
482
Comparison of Methods with Proposed System


V. CONCLUSION AND FUTURE WORK
Thus graphical password authentication can be given
by taking cloud as a platform. The new scheme provides
solves the many problems of existing system. It can also
be useful for user in security point of view.

VI. REFERENCES
[1] A Survey on Recognition-Based Graphical User
Authentication Algorithms FarnazTowhidi Centre
for Advanced Software Engineering, University
Technology Malaysia Kuala Lumpur, Malaysia
[2] Authentication Using Graphical Passwords: Basic
Results Susan Wiedenbeck Jim Waters ,College of
IST Drexel University Philadelphia, PA, 19104 USA
[3] Security Analysis of Graphical Passwords over the
Alphanumeric Passwords by G. Agarwal ,1Deptt.of
Computer Science, IIET, Bareilly, India 2,3 Deptt.
of Information Technology, IIET, Bareilly, India
27-11-2010
[4] Graphical Passwords,FABIAN MONROSE AND
MICHAEL K. REITER, August 5, 2005
[5] A Survey on Recognition-Based Graphical User
Authentication Algorithms
[6] Authentication Using Graphical Passwords: Effects
of Tolerance and Image Choice Susan Wiedenbeck
Jim Waters College of IST Drexel University
Philadelphia
[7] Design and Evaluation of a Shoulder-Surfing
Resistant Graphical Password Scheme Susan
Wiedenbeck and Jim Waters College of IST Drexel
University Philadelphia, PA 19104 USA
[8] Graphical Passwords as Browser Extension:
Implementation and Usability Study1,Kemal
Bicakci1, Mustafa Yuceel1, Burak Erdeniz2, Hakan
Gurbaslar2, NartBedin Atalay3
[9] Pass-Go, a New Graphical Password
Scheme,HAITAOThesis submitted to the Faculty of
Graduate and Postdoctoral Studies Electrical and
Computer Engineering University of Ottawa Hai
Tao, Ottawa,Canada, June, 2006
[10] Graphical Password Authentication system in an
implicit manner,SUCHITA SAWLA*, ASHVINI
FULKAR, ZUBIN KHAN Department of Computer
Science, Jawaharlal Darda Institute of Engineering
& Technology, Yavatmal, MS, India. March 15,
2012
[11] Authentication for Session Password Using Colour
and Images by jai patel,SNJBs COE Computer
Engineering Department, University Of Pune.
Ganeshkhind,Pune.







Schemes Method Ease of
use
Advantage
s
Disadvantag
es
Image-
based
scheme
Single or
multiple
images are
used
Selection
of images
Easily
remember
the
password
Very long
process
selection of
number
images.

Grid-
based
scheme

Grid
platform
is used to
accommo
date pixels
Simple
take and
draw
scheme
No extra
displays are
needed grid
is
sufficient.

sequence can
be changed
or grids may
be different
Triangle
scheme

Set of
images on
convex
surface
Complex
as convex
triangle
Crowded
Display

convex
surface
assigning
process takes
longer time
Hybrid
textual
authentic
ation

Colors
with
sequence
number is
combinati
on
Complex
as
confusion
with
colors
Given user
only have
to
remember
the rating.

Difficult to
remember
colors with
sequence.

Signatur
e based
scheme

User
signature
on grid
platform
Own
signature
Denied the
access for
mistake
Rememberin
g the grid if
not simple
Usernam
e and
image
password
scheme[p
roposed
system]
Username
with
selection
of images
as
password
Username
password
remembra
nces
More
strong
authenticati
on process
Access can
be given if
anyone
knows
sequence
with
username
483