International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014 445

ISSN 2229-5518

Secured Authentication using 3D Password by

Applying Ultimate Planar Algorithm
P.K.Dhanya, M.Keerthiga, S.Dinakar

Abstract— Providing Authentication to any system leads to provide more security to that system. There are many authentication
techniques are available, Such as textual password, Graphical password, etc. but each of this individually having some limitations &
drawbacks. To overcome the drawbacks of previously existing authentication technique, A new improved authentication technique is used,
This authentication Scheme is called as 3D password. The 3D password is multi-password & multi-factor authentication system as it uses a
various authentication techniques such As textual password, Graphical password etc.In this paper we have introduced our contribution
towards 3D Password to become more secure & more user friendly to users of all categories. This paper also explaining about what is 3D
password?, working of 3D password scheme, some mathematical concept related to 3D password, applications of scheme etc. all these
concepts are briefly introduced & explained in this paper as per sectionwise.Indexterms–Authentication, Multipassword ,Ultimate Planar
algorithm, Textual Passwords,3-D Password, 3-D Virtual Environment.

Index Terms— Secure Password Authentication, Simple Mail Transfer Protocol, Post Office Protocol, Authentication, Multi-password,
Textual Passwords, Ultimate planar algorithm, 3-D Password, 3-D Virtual Environment.

——————————  ——————————

1 INTRODUCTION

S ecure Password Authentication (SPA) is a proprietary Ideally there are two types of Authentication schemes are

IJSER
Microsoft protocol used to authenticate Microsoft email
clients with an electronic mail server when using the
Simple Mail Transfer Protocol (SMTP), Post Office Protocol
(POP), or Internet Message Access Protocol (IMAP). The pro-
tocol was based on the Integrated Windows Authentication
(NTLM) authentication scheme. Authentication is one of the
most important security service provided to system by the
different authentication schemes or algorithms. To protect any
system authentication must be provided, so that only author-
ized persons can have right to use or handle that system &
data related to that system securely. There are many authenti-
cation algorithms are available some are effective & secure but
having some drawback. Previously there are many authentica-
tion techniques were introduced such as graphical password,
text password, Biometric authentication, etc.
Generally there are four types of authentication techniques are
available such as:
Knowledge based: means what you know. Textual password
is the best example of this authentication scheme.
Token based: means what you have. This includes Credit
cards, ATM cards, etc as an example.
Biometrics: means what you are. Includes Thumb impression,
etc.
Recognition Based: means what you recognize. Includes
graphical password, iris recognition, face recognition, etc.
• P.K.Dhanya is pursing CSE,SNS College of Technolo-
gy,India,[email protected].
• M.Keerthiga is pursing CSE,SNS College of Technolo-
gy,India,[email protected],9994412215.
• S.Dinagar is working as Assistant Professor ,SNS College
of Technology,India.
available according to nature of scheme & techniques used,
those types are
1) Recall Based:
In this authentication tech. user need to recall or re-
member his/her password which is created before. Knowledge
based authentication is a part of this technique, E.g. Textual
password, graphical password etc. this technique is commonly
used all over the world where security needed.
2) Recognition Based:
In this user need to identify, recognize password created be-
fore. Recognition based authentication can be used in graph-
ical password. Generally this technique is not use much more
as Recall based is used. Still both recall based & recognition
based authentication techniques having some drawbacks &
limitations when they are used separately or used single au-
thentication scheme at a time. To overcome these drawbacks &
limitations of previously existing authentication schemes. We
have introduced a new authentication scheme which is based
on previously existing schemes. This authentication scheme is
based on combination of passwords called as “3D Password”.
Which is a multifactor scheme uses combination of above dis-
cussed scheme as well as biometric & many other schemes. All
these schemes are implemented in virtual 3D environment
while creating 3d Password. Where this environment contain
various virtual objects through which user interacts with. The
interaction with 3D environment changes as per user changes.
The 3-D password is constructed by observing the actions and
interactions of the user and by observing the sequences of
such actions

IJSER © 2014
http://www.ijser.org
International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014
ISSN 2229-5518
1.1 Authentication
Authentication is a process of validating who are you to
whom you claimed to be or a process of identifying an
individual, usually based on a username and password.
Human Authentication Techniques are as follows:
1. Knowledge Base (What you know)
2. Token Based(what you have)
3. Biometrics(what you are)
4. Recognition Based(What you recognise)
Computer Authentication Techniques are as follows:
1. Textual Passwords (Recall Based)-Recall what you
have created before.
2. Graphical Passwords (Recall Based + Recognition
Based)
3. Biometric schemes (fingerprints, voice recognition
etc)
IJSER
2 EXISTING SYSTEM
In our existing system textual passwords or recognisation are
used.They can be easily hacked by the hacker with permuta-
tions and combinatation.Still both recall based & recognition
based authentication techniques having some drawbacks &
limitations when they are used separately.
3 PROPOSED SYSTEM
Proposed authentication scheme is combination of many other
authentication schemes together. 3D password is combination
of both recall-based (i.e. textual password, etc) & recognition
based (i.e. graphical password, biometrics, etc). so that 3D
password is multifactor & multi password authentication
scheme. Refer fig.3.1
Fig : 3.1 3D password as multi-factor & Multi-password
Authentication Scheme.
For authentication with 3D password a new virtual environ-
ment is introduced called as 3D virtual environment where
user navigate , moving in 3D virtual environment to create a
password which is based on both the schemes. We don‘t use
IJSER © 2014
http://www.ijser.org
446
biometric scheme because biometric having some major
drawbacks (like h/w cost is more) So that we have not inclued
biometric authentication in our 3D password scheme. Be-
cause biometric authentication is efficient over shoulder surf-
ing attacks. But other attacks are venerable & easy on bio-
metric authentication. Also inclusion of biometric may leads to
increasing the cost of scheme & more hardware parts needed.
Fig 3.2 (a) snapshot of Art Gallery
Fig 3.2 (b) snapshot of weather forecasting office.
This shows some snapshots of 3D Virtual Environment[1] of
different real time scenarios created in virtual environment
like art gallery, office, and study room, etc. These virtual envi-
ronments are interactive virtual environment. Because user
can interact with these environment & creates his/her own 3D
password easily[4].
3.1 Objective of Proposed System
1. To provide more secure authentication technique than
existing one.
2. To design & develop more user friendly & easier au-
thentication scheme and giving user to freedom of se-
lecting more than one password scheme as single
system.
3. To overcome the drawbacks & limitations of previ-
ously existing systems (textual password, graphical
password.etc).
4. New scheme should be combination of recall, recogni-
tion, biometrics, and token based authentication
schemes.
4 3D PASSWORD –ARCHITECTURAL STUDY
This section tell about that how to create 3D password & what
are different schemes used to form a complete 3d password..
3D password is multi-factor & multi password authentication
scheme. So that many password schemes like textual pass-
word, graphical password, biometric, etc. password schemes
can be used as a part of 3D password. Choosing of different
schemes are based on category of user who are going to use
this scheme to their system.
International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014
ISSN 2229-5518
4.1 Working of 3D Password Scheme
In 3D password user have to First Authenticate with simple
textual password (I.e. user need to provide user name &
password). Once authentication successful then user moves in
3D virtual environment, Thereafter a computer with keyboard
will be seen on screen. On that screen user have to enter pass-
word (textual).which is stored in a simple text file in the form
of encrypted co-ordinates(x1, y1, z1). After successfully com-
pletion of this authentication, Then user automatically enter
into an art gallery, where he/she has to select multiple point in
that gallery or he can do some action in that environment like
switching button on/off or perform action associated with any
object like opening door, etc.
IJSER
Fig 4.1 Working Of 3D Password
The sequence in which user has clicked (i.e. selecting objects)
that sequence of points are stored in text file in the en-
crypted form. In this way the password is set for that partic-
ular user. For selection of points we have used 3d
Ultimate planar algorithm which is based on convex hull
algorithm from design & analysis of algorithms. Instead of
other algorithm like quick hull it will have worse case op
timal time complexity, it is the reverse of divide and
conquer technique which is called as “marriage before con-
IJSER © 2014
http://www.ijser.org
447
quest”. Next time when user want to access his account
then he has to select all the object which he has selected
at the time of creating password with proper sequence.
This sequence is then compared with coordinates which are
stored in file. If authentication successful thereafter access is
given to authorized user. 3D password working algorithm is
shown in fig.4.1 which will give the flowchart for 3D pass-
word creation & authentication process.
4.2 Point Selection using Ultimate Planar Algorithm
Before seeing about reversal of divide and conquer algorithm
(ULTIMATE PLANAR ) divide and conquer algorithm ad-
heree the following strategy. First break the problem into sub-
problem and then recursively solve the problem.Finally com-
bine the solution of subproblems to get the actual solu-
tion.
In our algorithm
1. First divide the problem into subproblems.
2. Determine how the problem can be solved (with-
out actual combining)
3. Then all the subproblems are solved recursively[5]
4.3 3D Virtual Environment
In this multi-factor authentication scheme the basic building
block used is 3D virtual environment. 3D virtual environment
is created inside a 2D screen, refer Fig 4.2 3D environment is a
real time scenario seen by peoples in day to day life which is
created virtually in 3D virtual environment[1]. We can use any
real time object as a environment like any room or village but
for simplicity we suggest to use small environment like room.
Fig 4.2 Virtual Environment under 2D screen
For selecting the sequence of objects (i.e. points) we have used
a very simple, easy & efficient algorithm called as convex hull
algorithm. The 3d ultimate planar algorithm is used. & also
the points selected are stored in the form of 3d co-ordinate(x,
y, z) in a simple text file. Some design guidelines related to 3d
environment such
1. Virtual environment selected in such a way so that it
is similar to real life object.
International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014
ISSN 2229-5518
2. Every object is unique & distinct from other.
3. Virtual environment size should be considered.
5 MATHEMATICAL CONCEPTS RELATED TO
3D PASSWORD SCHEME
3D password is a authentication technique which can be im-
plemented in 3D virtual environment. As every project having
problem statement which is relation with mathematical con-
cepts like feasibility study, complexities, set theory etc. this
section of paper will explain almost all the mathematical con-
cepts applied while creating 3D password schemes.
5.1 Time Complexity
For calculating the time complexity of 3D password scheme
let‘s assume A be the virtual 3d environment plotting, & B is
algorithmic processing. From this data available we have
come to time complexity of system. Equation (1) gives the time
complexity of proposed system.
Time Complexity = Am + Bn ------------------(1)
Where m is time required to communicate with system, & n is
time required to process each algorithm in 3d environment.
IJSER
5.2 Space Complexity
This system include 3D virtual environment, so that each
point in this environment will having 3 co-ordinate values.
Any point from 3D virtual environment is represented in the
form of (X, Y, Z).Where X, Y & Z are the coordinate values
stored for particular point. We are storing three co-ordinate
values of each point such as (x1, y1, z1). There for space com-
plexity of proposed system is n3.
6 3D PASSWORD SECURE AUTHENTICATION SCHEME
ATTACKS & COUNTER MEASURES
As mentioned earlier 3D password is most secure authentica-
tion. We will see different kinds of attacks & how 3D pass-
word scheme is more secure against different attacks.
6.1 Timing Attacks
This attack is based on how much time required completing
successful sign-in using 3D password scheme. Timing attacks
can be very much effective while Authentication scheme is not
well designed. But, as our 3D password scheme is designed
more securely, these kinds of attacks are not easily possible on
3D Password & also not much effective as well.
6.2 Brute Force Attacks
In This kind of attacks the attacker has to try n number of pos-
sibilities of 3D Password. As these attacks considers following
two points.
1. Required time to login: as in 3d password time re-
quired for successful login varies & is depend on
IJSER © 2014
http://www.ijser.org
448
number of actions & interactions, the size of 3d virtual
environment.
2. Cost required to attack: as 3d password scheme re-
quires 3D virtual environment & cost of creating such
a environment is very high.
6.3 Well-Studied Attacks
In this attack attacker has to study whole password scheme.
After studied about scheme the attacker tries combination of
different attacks on scheme. As 3d password scheme is multi-
factor & multi-password authentication scheme, attacker fail
to studied whole scheme. this attacks also not much effective
against 3D password scheme.
6.4 Key Logger
In this attack attacker install as software called key logger on
system where authentication scheme is used. This software
stores text entered through keyboard & those text are stored in
text file. In this way this attacks is more effective & useful for
only textual password, but as 3D password is multi password
authentication scheme[3]. So that this kind of attacks are not
much effective in this case.
6.5 Shoulder Surfing Attacks
Attacker uses camera for capturing & recording of 3D pass-
word. This attack is more effective than any other attacks on
3D password. So that 3D password[3] must be performed in a
secure place where this attack can‘t be performed. Shoulder
surfing attacks is still effective & easily possible against 3D
password.
6.6 Advantage of 3D Pasword Technique
1. 3D Password scheme is combination of re-call based,
recognized based, Biometrics .etc into single authenti-
cation technique.
2. Due to use of multiple schemes into one scheme
password space is increased to great extend.
3. More secure authentication scheme over currently
available schemes.
6.7 Disadvantage of 3D Pasword Technique
1. Time and memory requirement is large.
2. Shoulder-suffering attack is still can affect the
schema.
3. More expensive as cost required is more than
other schemes.
6.8 Application of 3D Pasword Technique
As 3D password authentication scheme is more useful & more
secure than any other authentication schemas, 3D password[3]
International Journal of Scientific & Engineering Research, Volume 5, Issue 5, May-2014
ISSN 2229-5518
can be used in wide area where more security is needed to
system. Some of areas are as follows:
6.8.1 Networking
Networking involves many areas of computer networks like
client-server architecture, critical servers, etc. To provide more
security to server of this architecture 3D password can be
used. It very efficient & more secure way to keep data or im-
portant information secure from unauthorized people. For
email applications 3D password[2] is most secure & easier
scheme to used.
449
8 REFERENCES
[1] Fawaz A. Alsulaiman and Abdulmotaleb El Saddik, “A Novel 3D
Graphical Password Schema, IEEE International Conference on Vir-
tual Environments, Human-Computer Interfaces, and Measurement
Systems, July 2006.
[2] Duhan Pooja, Gupta Shilpi , Sangwan Sujata, & Gulati Vinita,
―SECURED AUTHENTICATION: 3D PASSWORD, I.J.E.M.S.,
VOL.3(2),242 – 245, 2012.
[3] Grover Aman, Narang Winnie, ―3-D Password: Strengthening the
Authentication Scene‖, International Journal of Scientific & Engineer-
ing Research, Volume 3, Issue 10, October-2012.

6.8.2. Nuclear & Military Areas [4] http://en.wikipedia.org/wiki/3-D_Secure

Nuclear & military area of a country are most important area
where more security is needed we can use 3D password [5]
scheme in this area for more providing more secure authenti-
cation. 3D password scheme can protect data or secrete infor- [6]
mation about these areas very securely.
6.8.3 Airplane & Jetfighters
[7]
There is possibility of misuse of airplanes and jetfighters for
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.69.5331&re
p=rep1&type=pdf
Alsulaiman, F.A.; El Saddik, A.,"Three- for Secure," IEEE
Transactions on Instrumentation and measurement, vol.57, no.9, pp
1929-1938.Sept. 2008.
Vidya Mhaske et al, Int.J.Computer Technology & Applications,
Vol 3 (2), ISSN: 2229-6093, 510-519.

IJSER
religion-political agendas. Such airplanes should be protected
[8] Tejal Kognule and Yugandhara Thumbre and Snehal Kognule, ―3D
by a powerful authentication system. The 3-D password is
password‖, International Journal of Computer Applications (IJCA),
recommended for these systems. In addition, 3-D passwords 2012.
can be used in less critical systems.
[9] A.B.Gadicha , V.B.Gadicha , ―Virtual Realization using 3D Pass-
word‖, in International Journal of Electronics and Computer Science
6.8.4 Other Areas Engineering, ISSN 2277-1956/V1N2-216-222.
We can use 3d password authentication scheme to areas such
as ATM, Cyber cafes, Industries (for data security), Laptop‘s
or PC‘s, critical servers, web services, etc & many more.

7 CONCLUSION
The 3D password is still new & in its early stages. Designing
various kinds of 3D virtual environments, deciding on pass-
word spaces, and interpreting user feedback and experiences
from such environments will result in enhancing and improv-
ing the user experience of the 3D password. Gathering attack-
ers from different background and attack made by them and
how to overcome them is main future work. Shoulder surfing
attacks are still possible so how to overcome that is a field of
research & development. Inclusion of biometrics leads to in-
creasing cost & hardware in scheme, to reduce this is still field
of research. So that 3D password can be used in many applica-
tion areas as discussed earlier & also many more area other
than those. Thus this paper tells about our study about 3D
password, still it is in early stage. Future work is needed in 3D
password scheme to develop this scheme up to more secure
level. Implementing 3D password for mobile handset is the
another important future work of this paper & also our project
too.

IJSER © 2014
http://www.ijser.org