In Pursuit of Global Competitiveness A Project Report On

PAIR AND COLOR BASED AUTHENTICATION

For the degree of Bachelor of Engineering in Information Technology By ANKITA HATWALNE (BE10F06F026) AARATI REVANWAR (BE10F06F027) KRANTI ZAGADE (BE10F06F031) PRIYANKA BAVISKAR (BE10F06F032) Under the Guidance of Prof. Chitra Gaikwad

Department Of Information Technology Government College Of Engineering ,Aurangabad.

2013-2014

PAIR AND COLOR BASED AUTHENTICATION

Submitted By

ANKITAHATWALNE(BE10F06F026) AARATIREVANWAR(BE10F06F027) KRANTIZAGADE(BE10F06F031) PRIYANKABAVISKAR(BE10F06F032)

In partial fulfillment for award of

Bachelor of Engineering (Information Technology)

Under the Guidance of Prof.ChitraGaikwad

Department Of Information Technology Government College Of Engineering ,Aurangabad. 2013-2014

CERTIFICATE

This is to certify that, the Project entitled Pair and color based Authentication which is being submitted herewith for the award of the Degree of Bachelor of Information Technology in An Autonomous Institute of Government of Maharashtra,Aurangabad during Academic year 2013-2014 in Government College Of Engineering ,Aurangabad.This is the result of the project work and the contribution by AnkitaJ.Hatwalne, AaratiB.Revanwar, KrantiG.Zagade, Priyanka S. Baviskar, under my supervision and guidance.

Place:Aurangabad Date:

Prof.ChitraGaikwad Prof. VarshaGaikwad (Guide) (Head ofDepartment)

Dr.P.S.Adwani Principal Government College of Engineering Aurangabad. List of Abbreviations

AWT GUI JDK LAN SQL JNI API

Abstract Window Toolkit Graphical User Interface Java Development Kit Local Area Network Structured Query Language Java Native Interface Application Programming Interface

E-Mail Electronic Mail SMS JFC Short Message Service Java Foundation Classes

DFD

Data Flow Diagram

III 1.INTRODUCTION
1.1 Introduction
A highly severe menace to any computing device is the impersonation of an authenticate user. The most frequent computer authentication scheme is to use alphanumerical usernames and passwords. But the textual passwords are prone to dictionary attacks, eves dropping, shoulder surfing and social engineering. As such, graphical passwords have been introduced as an alternative to the traditional authentication process. Though the graphical password schemes provide a way of making more user-friendly passwords, while increasing the level of security, they are vulnerable to shoulder surfing. To address this problem, text can be used in combination with the colors and images to generate the session passwords, thereby making a stronger authentication means. In general, session passwords are those that can be used only once and for every new session, a new password is engendered.In this paper, we have proposed two authentication schemes for generating the session passwords which is identified as the primary

level of authentication. Once the user has cleared the primary level, he is then allowed to deal with the secondary level of authentication involving a graphical password scheme. This method is most apposite to the PDAs besides other computing devices, as it is resistant to shoulder surfing. The most popular user authentication approach is the text-based password scheme in which a user enters a login name and password. Despite of its wide usage, the textual passwords have a number of short comes. The simple and straightforward textual passwords are easy to remember, but they are more vulnerable for attackers to break. Whereas the complex and arbitrary passwords makes the system more secure, resisting the brute force search and dictionary attacks, but the difficulty lies in retaining them . Besides this, textual passwords are liable to the shoulder-surfing, hidden cameras, and spy-ware attacks. Consequently, graphical password strategies have been introduced as a substitute for textual passwords schemes, as pictures can be easily remembered when compared with words. Furthermore, it is difficult to formulate automated attacks for graphical passwords.Moreover the password space of the graphical password scheme may extend that of the textual based password.

Acknowledgement

I take this opportunity to express my deep sense of gratitude to Prof.Mrs.C..M.Gaikwad, guide and Prof.V.Gaikwad, Head of Information Technology and Engineering Department for teaching me different ways to approach a PAIR BASED AND COLOUR BASED AUTHENTICATION SCHEME concept and the need to be persistent to accomplish the goal and for his continuous supporting the fulfillment of this project.I also thank

Mr.P.S.Adwani,Principal of Government College of Engineering, Aurangabad for giving his valuable time and sharing his views on the project report. Last but not least I am thankful to all who helped me directly or indirectly.

Ankita J Hatwalne Aarti B Revanwar Kranti G Zagade Priyanka S Baviskar

References
1. R. Dhamija, and A. Perrig. Dj Vu: A User Study Using Images for Authentication. In 9th USENIX Security Symposium, 2000. 2. Real User Corporation: Passfaces. www.passfaces.com 3. Jermyn, I., Mayer A., Monrose, F., Reiter, M., and Rubin., The design and analysis of graphical passwords in Proceedings of USENIX Security Symposium, August 1999. 4. A. F. Syukri, E. Okamoto, and M. Mambo, "A User Identification System Using Signature Written with Mouse," in Third Australasian Conference on Information Security and Privacy (ACISP): Springer-Verlag Lecture Notes in Computer Science (1438), 1998, pp. 403-441. 5. G. E. Blonder, "Graphical passwords," in Lucent Technologies, Inc., Murray Hill, NJ, U. S. Patent, Ed. United States, 1996. 6. Passlogix, site http://www.passlogix.com.

7. HaichangGao, ZhongjieRen, Xiuling Chang, Xiyang Liu UweAickelin, A New Graphical Password Scheme Resistant to Shoulder-Surfing S. Wiedenbeck, J. Waters, J.C. Birget, A. Brodskiy, N. Memon, Design and longitudinal evaluation of a graphical password system. International J. of Human-Computer Studies 63 (2005) 102-127