CAPTCHA AS GRAPHICAL
PASSWORDS—A NEW SECURITY PRIMITIVE BASED ON HARD AI PROBLEMS
ABSTRACT:
Many security primitives are based on hard
mathematical problems. Using hard AI problems for security is emerging as an
exciting new paradigm, but has been underexplored. In this paper, we present a
new security primitive based on hard AI problems, namely, a novel family of
graphical password systems built on top of Captcha technology, which we call
Captcha as graphical passwords (CaRP). CaRP is both a Captcha and a graphical
password scheme. CaRP addresses a number of security problems altogether, such
as online guessing attacks, relay attacks, and, if combined with dual-view
technologies, shoulder-surfing attacks. Notably, a CaRP password can be found
only probabilistically by automatic online guessing attacks even if the
password is in the search set. CaRP also offers a novel approach to address the
well-known image hotspot problem in popular graphical password systems, such as
PassPoints that often leads to weak password choices. CaRP is not a panacea,
but it offers reasonable security and usability and appears to fit well with
some practical applications for improving online security.
EXISTING SYSTEM:
AI
FUNDAMENTAL
task in security is to create cryptographic primitives based on hard
mathematical problems that are computationally intractable. For example, the
problem of integer factorization is fundamental to the RSA public-key
cryptosystem and the Rabin encryption. The discrete logarithm problem is
fundamental to the ElGamal encryption, the Diffie- Hellman key exchange, the
Digital Signature Algorithm, the elliptic curve cryptography and so on.
DISADVANTAGES OF
EXISTING SYSTEM:
v Existing
graphical password schemes where a password can be found within a fixed number
of trials.
v Analyses
on Captcha security were mostly case by case or used an approximate process. No
theoretic security model has been established yet.
PROPOSED
SYSTEM:
In
this paper, we introduce a new security primitive based on hard AI problems, namely,
a novel family of graphical password systems integrating Captcha technology,
which we call
CaRP
(Captcha as gRaphical Passwords). CaRP is click-based
graphical passwords, where a sequence of clicks on an image is used to derive a
password. Unlike other click-based graphical passwords, images used in CaRP are
Captcha challenges, and a new CaRP image is generated for every login attempt.
ADVANTAGES OF PROPOSED
SYSTEM:
v
CaRP also offers protection against
relay attacks, an increasing threat to bypass Captchas protection.
v
Captcha can be circumvented through
relay attacks whereby
v
Captcha challenges are relayed to human
solvers, whose answers are fed back to the targeted application.
SYSTEM CONFIGURATION:-
HARDWARE REQUIREMENTS:-
Processor - Pentium –IV
Speed - 1.1 Ghz
RAM - 512 MB(min)
Hard Disk - 40
GB
Key Board - Standard
Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - LCD/LED
SOFTWARE
REQUIREMENTS:
Operating
system : Windows XP.
Coding
Language : JAVA
Data
Base : MySQL
Tool : Netbeans.
REFERENCE:
Bin
B. Zhu, Jeff Yan, Guanbo Bao, Maowei Yang, and Ning Xu_, “Captcha as Graphical Passwords—A New
Security Primitive Based on Hard AI Problems” IEEE TRANSACTIONS ON
INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 6, JUNE 2014.
No comments:
Post a Comment