Abstract
It is well known that humans are far better in recalling person’s face than his name. One of the promising approaches for devising a secure password scheme would be using a set of images as passwords rather than conventional PIN numbers. We have investigated such potential using an experimental paradigm by which security and usability for three different categories of images (i.e. landscapes scenes, random faces, familiar faces) can be compared. The results suggest that performance of the subjects was reliably higher for the “familiar faces” case than for other cases. Issues such as “Known-face attack” and “Camera Attack” were discussed. We propose a more secure, and yet usable, visual password system by exploiting human’s innate capability of fast face identification against serial images of faces and implement it on a PDA for using within the pervasive and mobile environment.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Adams, A., Sasse, M.A., Lunt, P.: Users are not enemy: Why users compro-mise computer security mechanisms and how to take remedial measures. Communication of the ACM 42, 40–46 (1999)
Bellovin, S.M., Merritt, M.: Encrypted Key Exchange: Password- Based Protocols Secure Against Dictionary Attacks. In: Proceedings of the I.E.E.E. Symposium on Research in Security and Privacy, Oakland (May 1992)
Blonder, G.: United States Patents, United States Patents 55599961 (1996)
Dhamija, R., Perrig, A.: Deja Vu: A User Study. In: Using Images for Authentication, USENIX Security Symposium (2000)
Gong, L., Lomas, M.R., Needham, R., Saltzer, J.: Protecting Poorly Chosen Secrets from Guessing Attacks. I.E.E.E. Journal on Selected Areas in Communications 11(5), 648–656 (1993)
Jablon, D.: Strong Password-Only Authenticated Key Exchange. Computer Communication Review, ACM SIGCOMM 26(5), 5–26 (1996)
Kwon, T.: Authentication and Key Agreement via Memorable Passwords. In: ISOC NDSS 2001 (2001)
Nielson, J.: Usability Engineering. Academic Press, London (1993)
Passlogix, http://www.passlogix.com
Paulson, L.D.: Taking a graphical approach to the password. IEEE Computer Magazine 19 (2002)
Perrig, A., Song, D.: Hash visualization: A new technique to improve realworld security. In: Proceeding of the 1999 InternationalWorkshop on Cryptographic Techniques and E-Commerce (1999)
Real User, The science behind passfaces (September 2001); Security Symposium (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, YG., Kwon, T. (2004). An Authentication Scheme Based Upon Face Recognition for the Mobile Environment. In: Zhang, J., He, JH., Fu, Y. (eds) Computational and Information Science. CIS 2004. Lecture Notes in Computer Science, vol 3314. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30497-5_43
Download citation
DOI: https://doi.org/10.1007/978-3-540-30497-5_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24127-0
Online ISBN: 978-3-540-30497-5
eBook Packages: Computer ScienceComputer Science (R0)