Keylogging-Resistant Visual Authentication Protocols

@article{Nyang2014KeyloggingResistantVA,
  title={Keylogging-Resistant Visual Authentication Protocols},
  author={Daehun Nyang and Aziz Mohaisen and Jeonil Kang},
  journal={IEEE Transactions on Mobile Computing},
  year={2014},
  volume={13},
  pages={2566-2579}
}
The design of secure authentication protocols is quite challenging, considering that various kinds of root kits reside in Personal Computers (PCs) to observe user's behavior and to make PCs untrusted devices. [] Key Result Furthermore, using an extensive case study on a prototype of our protocols, we highlight the potential of our approach for real-world deployment: we were able to achieve a high level of usability while satisfying stringent security requirements.
Visual Authentication Protocol With QR Generation And Image Processing
TLDR
This paper tends to demonstrate however careful visualization style will enhance not solely the safety however conjointly the usability of authentication, and proposes two visual authentication protocols: one may be a one-time-password protocol, and therefore the alternative might be a password-based authentication protocol.
Enhancing Privacy and Security by Visual Authentication System and QR Code Strategy-IJAERD
TLDR
The system has the capability attain to associate abnormal state of simple use whereas fulfilling rigorous security requirements, and the system proposes 2 visual authentication protocols: one may be a one-time-password protocol, and therefore the different mayBe a password-based authentication protocol.
EAM: Architecting Efficient Authentication Model for Internet Security using Image-Based One Time Password Technique
TLDR
The dependency on hardware devices for authentication can be completely eradicated by using Efficient Authentication Model (EAM) and the authentication is well-suited for Internet applications requiring higher levels of security.
On screen randomized blank keyboard
  • N. A. Neenu
  • Computer Science
    2015 National Conference on Recent Advances in Electronics & Computer Engineering (RAECE)
  • 2015
TLDR
A password based visual authentication protocol using random blank keyboard with some special symbols associated with each character is proposed, effective against the key logging attacks and shoulder surfing attacks by increasing the amount of short term memory required in an attack.
On screen randomized blank keyboard
TLDR
A password based visual authentication protocol using random blank keyboard with some special symbols associated with each character is proposed, effective against the key logging attacks and shoulder surfing attacks by increasing the amount of short term memory required in an attack.
A Novel Approaches for Visual Authentication Protocols
TLDR
To do a strong authentication here using QR matrix barcode which are having high capacity to storing plain and encrypted contents, this system enhances the usability as well as security.
Securing password in static password-based authentication: A review
TLDR
In this review paper, previous researches will be examined, various kinds of attacks will be analyzed, results will be compared and loopholes/ drawbacks will be discussed.
Secure Human Authentication with Graphical Passwords
TLDR
This paper proposes a graphical password-based authentication scheme to provide security against the intersection attack launched by an attacker who may record the user’s screen, mouse clicks and keyboard input with the help of video recording devices and key logging software.
...
...

References

SHOWING 1-10 OF 61 REFERENCES
Use Your Illusion: secure authentication usable anywhere
TLDR
This paper proposes and evaluates Use Your Illusion, a novel mechanism for user authentication that is secure and usable regardless of the size of the device on which it is used and demonstrates that, regardless of their age or gender, users are very skilled at recognizing degraded versions of self-chosen images, even on small displays and after time periods of one month.
Designing leakage-resilient password entry on touchscreen mobile devices
TLDR
CoverPad improves leakage resilience by safely delivering hidden messages, which break the correlation between the underlying password and the interaction information observable to an adversary, and is designed to retain most benefits of legacy passwords.
The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes
TLDR
It is concluded that many academic proposals to replace text passwords for general-purpose user authentication on the web have failed to gain traction because researchers rarely consider a sufficiently wide range of real-world constraints.
Leveraging personal devices for stronger password authentication from untrusted computers
TLDR
This work proposes Mobile Password Authentication (MP-Auth), which cryptographically separates a user's long-term secret input from the client PC, and offers transaction integrity, and provides a comprehensive survey of web authentication techniques that use an additional factor of authentication.
Secure Human Identification Protocols
TLDR
This paper provides definitions of what they believe to be reasonable goals for secure human identification and demonstrates that existing solutions do not meet these reasonable definitions and provides solutions which demonstrate the feasibility of the security conditions attached to these definitions, but which are impractical for use by humans.
Graphical passwords: a survey
The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords
Human-Seeded Attacks and Exploiting Hot-Spots in Graphical Passwords
TLDR
The results suggest that these graphical password schemes appear to be at least as susceptible to offline attack as the traditional text passwords they were proposed to replace.
Practical Human-Machine Identification over Insecure Channels
TLDR
This paper develops a new scheme for human-machine identification that improves upon some of the previously proposed human- machine identification schemes and presents a vigorous security analysis of the scheme.
SafeSlinger: An Easy-to-use and Secure Approach for Human Trust Establishment
TLDR
This work proposes SafeSlinger, a system leveraging the proliferation of smartphones to enable people to securely and privately exchange their public keys, and establishes a secure channel offering secrecy and authenticity, which it uses to support secure messaging and file exchange.
Phoolproof Phishing Prevention
TLDR
This work proposes using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware.
...
...