Graphical Dictionaries & Memorable Space of Graphical Passwords

Graphical Dictionaries Presentation by Roger Kahn

Post on 15-Jan-2016


Memorable Space of Graphical Passwords

- Based on article by Thorpe, van Oorschot, USENIX 2004
- Contains references to The Design and Analysis of Graphical Passwords by Jermyn et al.


Purpose of Paper
- Define a class of memorable graphical passwords
- Map it on the DAS scheme from Jermyn et al. (Moti's lecture)


Textual Passwords
- Passwords chosen are usually ones that are easy to remember
- Concrete words are easier to remember
- The text password space actually used is (with high probability) vulnerable to dictionary attacks, since it is a relatively small subset of the total password space


Graphical Passwords
- People recall pictures better than words, including concrete nouns
- Presumably better, since the memorable password space and the total password space are larger


- Recall of pictures that are symmetric is far better
- Recall of pictures symmetric around some truly vertical or horizontal axis is better still, due to mirror symmetry
- Studies indicate that horizontal and vertical symmetry that is centered is better still


Are types of images recalled better than others?
- The paper criticizes the visual recall studies because of the short recall times in the tests
- Suggestion that recall is far better than studied


DAS Scheme Review
- User-defined drawings
- Repeatable drawings
- Start and end points for drawing
- Stroke: movement of the pen on the grid between clearly defined points; movements on the border are not accepted
- Password: list of successive points which the stroke goes through, separated by pen-up
- A stroke goes from neighbor to neighbor


DAS Scheme Review (cont'd)
- If the current point is (x,y), its neighbors are (x,y+1), (x,y-1), (x+1,y), (x-1,y)
- Stroke length is the number of neighbors drawn through until pen-up
- Password length is the sum of the stroke lengths
- Password space for Lmax=2 on a 5x5 grid is 2^58
- 8-character password < 2^53
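An added example (not from the slides or the cited papers) that counts the full DAS password space with the stroke-counting recurrence of Jermyn et al. It assumes a stroke's length is the number of cells it touches; the function names and the 95-character alphabet for text passwords are choices of this sketch. It works for any maximum length, and in this model the count reaches about 2^58 at a maximum total length of 12.

```python
from math import log2

NEIGHBOURS = ((0, 1), (0, -1), (1, 0), (-1, 0))  # (x,y+1), (x,y-1), (x+1,y), (x-1,y)

def strokes_of_length(length, size=5):
    """Number of strokes that touch exactly `length` cells on a size x size grid."""
    ends = [[1] * size for _ in range(size)]  # one single-cell stroke ends in each cell
    for _ in range(length - 1):
        nxt = [[0] * size for _ in range(size)]
        for x in range(size):
            for y in range(size):
                for dx, dy in NEIGHBOURS:
                    if 0 <= x + dx < size and 0 <= y + dy < size:
                        nxt[x + dx][y + dy] += ends[x][y]
        ends = nxt
    return sum(map(sum, ends))

def das_space(l_max, size=5):
    """Number of DAS passwords whose total length is between 1 and l_max."""
    n = [0] + [strokes_of_length(l, size) for l in range(1, l_max + 1)]
    p = [1] + [0] * l_max  # p[L]: stroke sequences of total length exactly L
    for total in range(1, l_max + 1):
        # The last stroke has length l; what precedes it is a password of length total - l.
        p[total] = sum(n[l] * p[total - l] for l in range(1, total + 1))
    return sum(p[1:])

def text_space(length=8, alphabet=95):
    """Text passwords of 1..length characters (95 printable ASCII is an assumption)."""
    return sum(alphabet ** k for k in range(1, length + 1))

if __name__ == "__main__":
    for l_max in (1, 2, 4, 8, 12):
        print(f"Lmax={l_max:2d}: 2^{log2(das_space(l_max)):.1f} passwords")
    print(f"text, up to 8 chars: 2^{log2(text_space()):.1f} passwords")
```
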


Proposed Class of Memorable Graphical Passwords
- Purpose of study
- Mirror-symmetrical graphical passwords selected
- Psychological studies show recall improved over time toward mirror-symmetrical images
- Need to remember less (½ of image plus symmetry axis)
- Objects viewed and recalled better than pictures


Class I of Memorable Passwords
- Mirror symmetry about a reflection axis (vertical or horizontal) which cuts a 2D set of grid cells of size 5x5
- Each component may be a pair of mirror-symmetric components as well
- Naming leaves open the possibility of future types


Class I of Memorable Passwords (cont'd)
- Assumption: the user draws the password such that the composite strokes of each mirror-symmetric component are drawn symmetrically
- Assumption taken since the temporal order of the password affects the user's ability to recall it
- One-to-many relationship between stroke order and drawing
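An added example (not from the slides or the paper) of a check a password-strength meter could run at enrollment: it validates a DAS password against the neighbor rule and reports the vertical or horizontal axes about which the finished drawing is mirror symmetric. It is a simplification of Class I: the drawing is treated as a set of cells and segments, stroke order and per-component axes are ignored, and allowing axes on half-cell positions is an assumption; all names and sample drawings are constructed.

```python
def das_length(password, size=5):
    """Validate a DAS password (list of strokes, each a list of (x, y) cells)
    and return its length, the sum of its stroke lengths."""
    for stroke in password:
        if not stroke:
            raise ValueError("empty stroke")
        if any(not (0 <= x < size and 0 <= y < size) for x, y in stroke):
            raise ValueError("cell outside the grid")
        for (x0, y0), (x1, y1) in zip(stroke, stroke[1:]):
            if abs(x0 - x1) + abs(y0 - y1) != 1:
                raise ValueError("stroke must move to one of the four neighbors")
    return sum(len(stroke) for stroke in password)

def mirror_axes(password, size=5):
    """Return [(orientation, position)] for every axis that maps the drawing onto itself."""
    das_length(password, size)  # reject malformed input first
    cells = {c for stroke in password for c in stroke}
    segs = {frozenset(pair) for stroke in password for pair in zip(stroke, stroke[1:])}
    found = []
    for a in range(2 * (size - 1) + 1):  # axis at coordinate a/2: cell centers and cell borders
        flips = (("vertical", lambda c: (a - c[0], c[1])),
                 ("horizontal", lambda c: (c[0], a - c[1])))
        for name, flip in flips:
            if ({flip(c) for c in cells} == cells
                    and {frozenset(map(flip, s)) for s in segs} == segs):
                found.append((name, a / 2))
    return found

# Constructed sample drawings on the 5x5 grid.
U_SHAPE = [[(1, 1), (1, 2), (1, 3), (2, 3), (3, 3), (3, 2), (3, 1)]]
PLUS = [[(1, 2), (2, 2), (3, 2)], [(2, 1), (2, 2), (2, 3)]]
L_SHAPE = [[(0, 0), (0, 1), (0, 2), (1, 2)]]

if __name__ == "__main__":
    for name, pw in (("U", U_SHAPE), ("plus", PLUS), ("L", L_SHAPE)):
        axes = mirror_axes(pw)
        verdict = "symmetric, in the smaller memorable class" if axes else "no mirror axis"
        print(f"{name}: length {das_length(pw)}, {verdict} {axes}")
```
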


Symmetric Encoding Example


Symmetry Example


Continuous, Enclosed, Disjoint Cases


Smaller Password Spaces
- Class Ia: subset of Class I passwords whose components are symmetric (individually or pairwise)
- Class Ib: subset of Class Ia, symmetric around vertical and horizontal axes


Quantifying Memorable Password Space
- General approach: number of passwords given a maximum stroke length
- This paper's method includes only symmetric strokes
- Stroke set is the number of symmetric strokes from start to end of length l
- Number of permutations of 4 directions while symmetric around a valid axis
- Parameters are path diversions and the room between the current point and the grid bound


Approximate Size of Class I Passwords
- Class I dictionary size is very close to the size of the full password space
- Class Ia and Ib are much more vulnerable to brute-force attacks: it is a much smaller password space


Questions and [email protected]


Assignment
- Why are the password subclasses more vulnerable to brute-force dictionary attacks?
- What is easier for humans to recall: pictures or words?
- What types of pictures and words are the easiest to recall?
- What is a stroke?