Mobile User Authentication Scheme Based on Minesweeper Game
The latest boom in the prevalence of smartphones has been encouraging various personal services to store and utilize important data such as photos and banking information. Thus, the importance of user authentication has also been growing rapidly. Nevertheless, many problems have arisen as a result of the common method of using a four-digit personal identification number (PIN) because of its potential for being breached by a brute force attack or shoulder-surfing attack. Various authentication schemes have been developed to overcome these problems. In this paper, we also propose a new password-based user authentication scheme that utilizes the well-known Minesweeper game, providing better usability as well as greater security. The proposed scheme provides its users a simple method for memorizing their passwords and usable security by allowing them to enter calculated values rather than the password itself.
KeywordsPassword Usable security Authentication Shoulder-surfing attack
This work was supported by a grant from the KEIT funded by the Ministry of Knowledge Economy (10039180).
- 1.Roth V, Richter K, Freidinger R (2004) A PIN-entry method resilient against shoulder surfing. In: Proceedings of the 11th ACM conference on computer and communications security, USA, pp 236–245Google Scholar
- 2.Park SB (2004) A method for preventing input information from exposing to observers. Patent application no.: 10-2004-0039209, KoreaGoogle Scholar
- 3.MinInfo Co., http://www.mininfo.co.kr
- 4.Passfaces, http://www.passfaces.com
- 5.Yi JH, Kim T, Ma G, Yi H, Kim S (2012) Method and apparatus for authenticating password. Patent application no.: US 13/623,409Google Scholar
- 6.Kaye R (2000) Minesweeper is NP-complete. Math Intell 22:9–15Google Scholar
- 7.Olson JR, Olson GM (1990) The growth of cognitive modeling in human-computer interaction since GOMS. Hum Comput Interact 5:221–265Google Scholar
- 8.Lee S, Myung R (2009) Modified GOMS-model for mobile computing. J Soc Korea Ind Syst Eng 32:85–93Google Scholar