This paper was presented at the International Conference on E-Learning and E-Educational Technology (ICELEET 2013), held jointly with the International Conference on Latest Trends of Computer Engineering and Information Technology (ICLTCEIT 2013), Sydney, Australia, December 29-30, 2013
A New Numerical Password Authentication Method

Yutaka Hirakawa, Takumi Itoh, Kazuo Ohzeki
Shibaura Institute of Technology, Tokyo, Japan

Abstract: User authentication is widely used in automatic teller machines (ATMs) and Internet services. Recently, ATM passwords have increasingly been stolen with the aid of small charge-coupled device (CCD) camera recordings. This article discusses a means of improving a user authentication method that accepts numerical passwords and is tolerant to observation attacks. A particularly vicious observation attack, the video-recording attack, in which the user's password selection operation is video recorded, is well known. A few conventional methods remain tolerant when the password selection operation is video recorded twice; however, they require significantly long passwords. This article proposes a user authentication method that remains tolerant when the user's password selection operation is video recorded twice, even with shorter passwords, and evaluates its security.

Keywords: password authentication method, video-recording attack, security

I. Introduction

User authentication is widely used in ATMs and many Internet services. A 4-digit personal identification number (PIN) is commonly used for user authentication. In Japan in October 2005, an ATM password was stolen with the aid of a wireless CCD camera recording. The perpetrators had set up cameras at many ATMs in Tokyo; the bank's investigation revealed that user operations had been captured by hidden cameras at more than 60 ATMs in the metropolitan area [1, 2]. Biometric authentication technology and hidden-camera detection technology are possible solutions to this problem [3-6]. However, because many ATMs are installed around the world and these solutions require additional equipment, the problem remains a current concern.

Conventionally, a few methods are tolerant when a user's password selection operation is video recorded twice. However, if numerical passwords are to be used, these methods require passwords longer than 12 digits for secure use, which is too long for most customers to remember easily.
Proceedings are available at IISRC - International Journal of Information Technology & Computer Science (IJITCS) (http://www.ijitcs.com) (ISSN: 2091-1610), Volume No: 12, Issue No: 4, Page 7
This article proposes a numerical password authentication method that uses shorter numerical passwords and remains tolerant when a user's password selection operation is video recorded twice. The security of the proposed method is evaluated against random and video-recording attacks. The remainder of this article is organized as follows: Section II describes the requirements of the password authentication method. Section III briefly discusses existing techniques. Section IV explains the proposed authentication method and its evaluation results. Section V summarizes the article.

II. Requirements

For this study, we assume the use of numerical passwords at ATMs. The security of the authentication method is evaluated from the following two viewpoints.

(1) Random attack

A random attack attempts to pass the authentication process by random operation. Because a 4-digit PIN is used at ATMs, we adopt a success rate of less than 1/10000 as the requirement against random attacks.

(2) Video-recording attack

Currently, many cell phones and handheld devices are equipped with a camera, and wireless CCD cameras are inexpensive. Therefore, the risk that a password selection operation is successfully recorded is increasing. At an ATM, password authentication may be conducted more than once, e.g., for multiple bank transfers, so multiple video recordings of the password selection operation must be considered. There is no standard success rate for video-recording attacks; hence, we adopt the same success rate as for random attacks (1/10000). In this article, when more than 10000 password candidates remain after the recorded videos are analyzed, the system is considered tolerant to video-recording attacks.

III. Related work

Various studies on authentication methods using textual passwords have discussed observation attacks [7-12]. In [7], a PIN-entry technique using numeric key entry is proposed. On the display, white or black backgrounds are shown at random. The user does not designate the password digit itself but selects white or black, the background color of that digit; for each digit, the user designates the background color four times against different color patterns. This method is safe against shoulder surfing; however, if the input operation is video recorded, the password is easily discovered. In [8], an interface for textual passwords, S3PAS, is proposed. Many characters are displayed, and the user designates three points such that a pass-character lies inside the triangle they form. This method is also safe against shoulder surfing; however, if the input operation is video recorded, the password is easily discovered. In [9, 10], an authentication method using numeric key entry called FakePointer is proposed. In this method, disposable "answer selection information" must be retrieved before each authentication. This information specifies a background mark, such as a diamond, square, circle, or octagon, for the displayed numeric password. For authentication,
the user presses the "Enter" button, which adjusts the password according to the background mark. If the answer selection information is retrieved safely before each authentication, the method remains tolerant when the user's password selection operation is video recorded twice. However, these studies do not discuss how the answer selection information is retrieved safely. A textual password entry interface called mobile authentication is proposed in [11, 12]. The selectable texts are arranged in a square, each with a background color. Passwords are alphanumeric, and the texts are arranged in a 10 × 5 square using 10 background colors. Each background color appears only once in each row, and the color pattern of a row is a permutation of the color pattern of another row. The password is divided into multiple short passwords; for example, an 8-length password consists of two 4-length passwords. The user must register the division pattern, e.g., 4 and 4 for an 8-length password, beforehand. In the authentication operation, the user selects the same color for every character of a short password: for example, a red background for the former 4-length password and a green background for the latter. The color is freely chosen by the user for each authentication operation. Although this technique has the restriction that all available texts must be displayed on the authentication interface, it is secure when the user's password selection operation is video recorded twice. The method of [11, 12] is also applicable to numerical passwords. However, a 12-length numerical password is then required for secure use, which most ATM customers might consider too long.

IV. Proposed authentication method

A. Requirements for the authentication interface

An authentication method is expected to be tolerant to video-recording attacks. However, because the user's selection operation of a numerical password is assumed to be video recorded twice, attackers may find the correct password by analyzing the recorded video. One way to avoid this is to introduce additional secret information registered beforehand, a technique similar to that used in [11, 12]. However, this increases the amount of information the user must memorize, so additional information that must be remembered for a long time should be kept as small as possible. Thus, the authentication method must satisfy the following requirements:

- It should have sufficient ambiguity in the password selection operation in case the operation is video recorded and analyzed.
- Additional secret information to be registered beforehand should be as small and simple as possible.

B. Authentication interface

Part of the proposed authentication interface is shown in Fig. 1. Numeric characters are used for passwords. In this article, the password has a length of 8, i.e., it consists of eight numeric characters. For example, when the password is "34127685," we say "its first pass-character is 3 and its second pass-character is 4." We also use a set of symbols, which could be replaced by a set of icons, colors, or other symbols. The
background marks in [9, 10] and the background colors in [11, 12] are similar to the symbols used in this article. Here, a set of alphabetic characters is used as symbols. In Fig. 1, a sequence of 14 alphabetic symbols is displayed on the lower part of the screen. The displayed symbols move to the right when the user presses the right arrow button: the rightmost symbol disappears, and a new symbol appears at the left end of the row. The left arrow button works similarly in the opposite direction. The term "correct symbol" is used for the method; how the correct symbol is decided is explained later. When the first pass-character is "2" and its correct symbol is "B," the user presses the right arrow button twice to place "B" just below "2," then presses the "Select" button to input the first pass-character. A new 14-length symbol sequence then appears, and "2" is displayed at the bottom left of the interface; the interface is now ready for the second pass-character input operation.

Fig. 1 Authentication interface (lower half)

Fig. 2 shows the full authentication interface. A symbol table consisting of an N × N array is displayed; in this article, N is assumed to be 8. Each symbol in the array is randomly selected and displayed.

Fig. 2 Authentication interface (display example with an 8 × 8 symbol table)

Next, how the correct symbol for each pass-character is decided is explained. The user must first register a "symbol selection pattern." An example of the symbol selection pattern is shown in Fig. 3.
Fig. 3 Example of the symbol selection pattern

The symbol selection pattern is used with the N × N symbol table. The user can choose the start position of the selection pattern in the symbol table. If the second column of the second row of the symbol table in Fig. 2 is chosen as the start position, the correct symbol is "H" for the first pass-character, "I" for the second, "E" for the third, and "B" for the fourth. For an 8-length password, the user chooses another start position to decide the correct symbols for the fifth to eighth pass-characters. The start position of the symbol selection pattern is freely determined. Assume that the user chooses the third column of the third row as the start position for the first pass-character and the fifth column of the first row for the fifth pass-character; then the correct symbol sequence is "LBHFOIKJ" for the 8-length password. The user may choose any of the 8 × 8 position candidates, where the symbol to the right of the rightmost symbol of a row (e.g., "R" in the first row) is taken to be the leftmost symbol of the same row ("A"). During an authentication operation, the symbol table does not vary: the same symbol table is used for all pass-characters, and the numeric tiles do not vary either. On the other hand, the symbol sequence displayed at the bottom of the authentication interface is replaced each time the user presses the "Select" button; it is randomly selected and displayed for each pass-character entry.

We attempted to evaluate the authentication method described above. However, not many password candidates remain when video-recorded authentication operations are analyzed; the method needs more ambiguity. Thus, we introduce a "right shift" operation into the authentication method.

C. Introduction of "right shift" for ambiguity

Assume that the first pass-character is "2" and its correct symbol is "T." For the first pass-character entry, the user moves "T" to just below "2." This rule is modified to "the user must move the correct symbol to just below 2 or 3." When the pass-character is "9," the user moves the correct symbol to just below "9" (position "Q" in Fig. 1) or to the next position on the right (position "B" in Fig. 1). We refer to this as the "right shift" in this article. After the introduction of the "right shift," the number of correct-symbol candidates that attackers must analyze increases for each pass-character, and thus the ambiguity of the authentication method increases. For the 8-length password, the user may use the "right shift" at most eight times. Once the maximum allowable number of "right shifts" is fixed for the authentication operation, it is assumed to be known to everyone; this is explained again in the next sub-section. In the evaluation, the proposed authentication method is evaluated from the following two viewpoints:
(1) Tolerance to random attacks

The success rate of a random authentication operation is evaluated; it should be smaller than 1/10000. It is evaluated using a randomly selected symbol table and randomly selected 14-length symbol sequences at the moment the user presses the "Select" button for each pass-character. Because the authentication system knows the user's correct password and registered symbol selection pattern, it determines the validity of the authentication operations. The success rate is calculated by simulation with random inputs.

(2) Tolerance to video-recording attacks

Attackers who determine the correct symbol selection pattern and the correct 8-length password will succeed in authentication. There are 64 × 64 × 64 different symbol selection patterns and 10 × 10 × 10 × 10 × 10 × 10 × 10 × 10 different passwords. However, attackers are assumed to have recorded videos of two different sessions of the same user's authentication operations, and to know the maximum allowable number of "right shifts" in the authentication operation. In the evaluation, the number of password candidates, i.e., combinations of a symbol selection pattern and an 8-length password, is counted by simulation; the reported value is the average of the simulation results.

D. Security against random and video-recording attacks

Security evaluation results are shown in Figs. 4 to 7. The password length is assumed to be 8, and the symbol table displayed on the authentication interface is assumed to be 8 × 8. All points in the figures have sufficient tolerance to random and video-recording attacks: the points on the solid line (random-attack success rate) are below 1/10000, and those on the broken line (number of password candidates) are above 10000. When the authentication system uses 17 types of symbols, the allowable number of "right shifts" should be 3 to 5. If it is too small, i.e., less than 3, the system does not have sufficient tolerance to video-recording attacks; if it is too large, i.e., more than 5, the system does not have sufficient tolerance to random attacks. Once the authentication system is decided, the maximum allowable number of "right shifts" is announced to all customers. As the number of symbols decreases, the number of password candidates increases, because the same symbol appears many times in the symbol table when a small symbol set is used; there are then many start-position candidates for a given symbol selection pattern, which provides high ambiguity. Conversely, the success rate of a random attack decreases as the number of symbols increases, because the probability of placing the correct symbol in the correct position decreases when many symbols are used for authentication.
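As an added example (not code from the paper), the following Python models the verifier side of the entry rule of Sections IV.B and IV.C, including the right-shift budget, and the random-attack simulation of viewpoint (1). The symbol table, the shape of the 4-length selection pattern, the start positions, and the placement of the digits above the 14-symbol row are constructed assumptions; Fig. 3 and the paper's simulation parameters are not reproduced.

```python
import random

N = 8              # symbol table is N x N (page: N = 8)
ROW_LEN = 14       # length of the scrollable symbol row (page: 14)
DIGIT_OFFSET = 2   # assumption: digit d sits above row index d + 2, leaving a cell right of "9"
SYMBOLS = "ABCDEFGHIJKLMNOPQ"   # constructed 17-symbol set (page evaluates 17 to 20 symbols)


def correct_symbols(table, pattern, starts):
    """Derive the correct symbol of every pass-character by walking the
    registered selection pattern from each chosen start position.
    pattern: (row, col) offsets relative to the start (hypothetical shape;
    Fig. 3 is not reproduced here); starts: one (row, col) per 4-character
    block. Positions wrap around the table edge (the page states this for
    rows; wrapping columns the same way is an assumption)."""
    return [table[(r0 + dr) % N][(c0 + dc) % N]
            for (r0, c0) in starts for (dr, dc) in pattern]


def verify(password, table, pattern, starts, rows, max_shifts):
    """Verifier-side check. rows[i] is the 14-symbol row as displayed when
    the user pressed Select for pass-character i. Accept when, for every
    pass-character d, the correct symbol sits just below d (no shift) or
    just below d + 1 (a right shift), and the total number of right shifts
    does not exceed the announced budget max_shifts."""
    if len(rows) != len(password):
        return False
    shifts = 0
    for d, sym, row in zip(password, correct_symbols(table, pattern, starts), rows):
        i = int(d) + DIGIT_OFFSET
        if row[i] == sym:
            continue              # placed directly below the pass-character
        if row[i + 1] == sym:
            shifts += 1           # placed one cell to the right ("right shift")
            continue
        return False              # correct symbol is in neither position
    return shifts <= max_shifts


def legitimate_rows(password, table, pattern, starts, shifts, seed=1):
    """Model a legitimate session: for each pass-character, a random row
    scrolled so the correct symbol lands below the digit (shift 0) or one
    cell to its right (shift 1). Constructed input, not an interface capture."""
    rng = random.Random(seed)
    rows = []
    for d, sym, shift in zip(password, correct_symbols(table, pattern, starts), shifts):
        row = rng.choices(SYMBOLS, k=ROW_LEN)
        i = int(d) + DIGIT_OFFSET
        row[i + shift] = sym
        if shift and row[i] == sym:   # avoid an accidental no-shift match
            row[i] = SYMBOLS[(SYMBOLS.index(sym) + 1) % len(SYMBOLS)]
        rows.append(row)
    return rows


def random_attack_rate(password, table, pattern, starts, max_shifts, trials, seed=0):
    """Viewpoint (1): an attacker who knows neither the password nor the
    pattern presses Select on random rows; return the observed success rate."""
    rng = random.Random(seed)
    hits = sum(verify(password, table, pattern, starts,
                      [rng.choices(SYMBOLS, k=ROW_LEN) for _ in password], max_shifts)
               for _ in range(trials))
    return hits / trials


# Constructed deterministic symbol table and secrets so results are reproducible.
TABLE = [[SYMBOLS[(r * N + c) % len(SYMBOLS)] for c in range(N)] for r in range(N)]
PATTERN = [(0, 0), (0, 1), (1, 1), (1, 0)]   # hypothetical 4-length selection pattern
STARTS = [(1, 1), (0, 4)]                     # start positions for characters 1-4 and 5-8
PASSWORD = "34127685"                         # the page's example password

if __name__ == "__main__":
    print("correct symbols:", "".join(correct_symbols(TABLE, PATTERN, STARTS)))
    rows = legitimate_rows(PASSWORD, TABLE, PATTERN, STARTS, [0, 1, 0, 1, 0, 0, 1, 0])
    print("legitimate entry with 3 right shifts, budget 4:", verify(PASSWORD, TABLE, PATTERN, STARTS, rows, 4))
    print("random-attack success rate:", random_attack_rate(PASSWORD, TABLE, PATTERN, STARTS, 4, 10000))
```

The rate returned here reflects only this simplified model; the paper's Figs. 4 to 7 come from its own simulation, whose details the text does not give.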
Fig. 4 Security evaluation (17 symbols)
Fig. 5 Security evaluation (18 symbols)
Fig. 6 Security evaluation (19 symbols)
Fig. 7 Security evaluation (20 symbols)
From the above results, the 8-length password has sufficient tolerance to random and video-recording attacks under the proposed authentication method.

E. Discussion

In the proposed method, the additional secret information that the user must register and memorize is the symbol selection pattern. The user must memorize it along with the password for a long period of time. However, it is a simple 4-length pattern, as shown in the example in Fig. 3, and we believe that this would not be difficult for most users.
During authentication, the correct symbol is used for each pass-character. If the user correctly remembers the symbol selection pattern, the user only has to decide its start position on the symbol table displayed on the authentication interface; the start position is freely selected. On the other hand, the user must take care not to exceed the allowed number of "right shifts" during authentication.

V. Conclusion

This article proposes a user authentication method that uses passwords consisting of numeric characters. A similar conventional method requires numerical passwords of more than 12 digits to achieve sufficient tolerance when the user's authentication operation has been video recorded twice. The proposed authentication method, however, achieves sufficient tolerance with only 8-length numerical passwords.
References

1. The Mitsubishi Tokyo UFJ Bank, 'A bank report about a camera secretly installed at an ATM by some person'. http://www.bk.mufg.jp/info/ufj/ufj_20051101.html
2. Bank of Yokohama, 'A bank report about hidden-camera equipment installed at an unmanned branch (ATM outside the store)'. http://www.boy.co.jp/info/pdf/9.pdf
3. M. Une, T. Matsumoto, 'On the vulnerability of biometric authentication: mainly the vulnerability to counterfeiting of biometric features in finance', Monetary Research, vol. 24, no. 2, pp. 35-84 (2005)
4. Banno, 'Recent trends in biometric authentication technology', Forensic Science Technology, vol. 12, no. 1, pp. 1-12 (2007)
5. Secom Co., Ltd., 'Secom begins offering an ATM hidden-camera damage prevention service'. http://www.secom.co.jp/corporate/release/2006/nr20060814.html
6. NEC, 'Investigation service for hidden microphones and hidden cameras'. http://www.necf.jp/solution-service/office/hiddenmic-camera/
7. V. Roth, K. Richter, R. Freidinger, 'A PIN-entry method resilient against shoulder surfing', CCS'04, pp. 236-245 (Oct 2004)
8. H. Zhao, X. Li, 'S3PAS: A scalable shoulder-surfing resistant textual-graphical password authentication scheme', IEEE Advanced Information Networking and Applications Workshops 2007, pp. 467-472 (2007)
9. T. Takada, 'FakePointer: An authentication technique tolerant to video-recording attacks', IPSJ Transactions, vol. 49, no. 9, pp. 3051-3061 (Sep 2008)
10. T. Takada, 'FakePointer2: A user interface proposal to improve safety against peeping attacks on personal authentication', Symposium on Cryptography and Information Security, SCIS2007 (2007)
11. S. Sakurai, M. Yoshida, T. Munaka, 'Mobile authentication method', Computer Security Symposium 2004, pp. 625-630 (Oct 2004)
12. S. Sakurai, T. Munaka, 'Resistance evaluation of user authentication method using matrix against shoulder surfing', IPSJ Transactions, vol. 49, no. 9, pp. 3038-3051 (Sep 2008)
13. Y. Hirakawa, M. Take, K. Ohzeki, 'Pass-Image Authentication Method Tolerant to Random and Video-Recording Attacks', International Journal of Computer Science and Applications, vol. 9, no. 3, pp. 20-36 (2012)
14. Y. Hirakawa, 'Random Board: Password Authentication Method with Tolerance to Video-Recording Attacks', International Journal of Innovation Management and Technology, vol. 4, no. 5, pp. 455-460 (2013)