IJIMT 2013 Vol.4(5): 455-460 ISSN: 2010-0248
DOI: 10.7763/IJIMT.2013.V4.441

Random Board: Password Authentication Method with Tolerance to Video-Recording Attacks

Y. Hirakawa
Abstract— The user authentication is widely used in the automatic teller machines (ATMs) and many Internet services. Recently, the crimes that ATM passwords are stolen using a small charge-coupled device (CCD) cameras have increased. In addition, in the mobile environment, there is a high risk of observation attacks that steal passwords, because many people possess devices such that camera-equipped mobile phones and miniature cameras. In this paper, we propose the authentication methods that are secure against the brute-force and video recording attacks. In the article, a video-recording attack is defined as an attacker’s analysis of videos, in which a user’s password entry operations are recorded once or twice, in order to obtain the user’s password. We propose a basic method and an improved method. In the basic method, a user must provide the correct entry position of each password beforehand. On the other hand, in the improved method, a user does not need to provide any information beforehand, other than the password. The relative security of the two proposed methods is then evaluated.

Index Terms— Observation attacks, password authentication method.

Y. Hirakawa is with the Information Science Engineering Department, Shibaura Institute of Technology, Tokyo, Japan (e-mail: hirakawa@shibaura-it.ac.jp).

[PDF]

Cite: Y. Hirakawa, " Random Board: Password Authentication Method with Tolerance to Video-Recording Attacks," International Journal of Innovation, Management and Technology vol. 4, no. 5, pp. 455-460, 2013.

Copyright © 2008-2015. International Journal of Innovation, Management and Technology. All rights reserved.
E-mail: ijimt@ejournal.net