Polynomial-Based Google Map Graphical Password System against Shoulder-Surfing Attacks in Cloud Environment

Polynomial-Based Google Map Graphical Password System against Shoulder-Surfing Attacks in Cloud Environment

Text password systems are commonly used for identity authentication to access different kinds of data resources or services in cloud environment. However, in the text password systems, the main issue is that it is very hard for users to remember long random alphanumeric strings due to the long-term...

Full description

Saved in:
Bibliographic Details
Main Authors: Zhili Zhou, Ching-Nung Yang, Yimin Yang, Xingming Sun
Format: Article
Language:English
Published: Wiley 2019-01-01
Series:Complexity
Online Access:http://dx.doi.org/10.1155/2019/2875676
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Text password systems are commonly used for identity authentication to access different kinds of data resources or services in cloud environment. However, in the text password systems, the main issue is that it is very hard for users to remember long random alphanumeric strings due to the long-term memory limitation of the human brain. To address this issue, graphical passwords are accordingly proposed based on the fact that humans have better memory for images than alphanumeric strings. Recently, a Google map graphical password (GMGP) system is proposed, in which a specific location of Google Map is preset as a password for authentication. Unfortunately, the use of graphical passwords increases the risk of exposing passwords under shoulder-surfing attacks. A snooper can easily look over someone’s shoulder to get the information of a location on map than a text password from a distance, and thus the shoulder-surfing attacks are more serious for graphical passwords than for text passwords. To overcome this issue, we design a polynomial-based Google map graphical password (P-GMGP) system. The proposed P-GMGP system can not only resist the shoulder-surfing attacks effectively, but also need much fewer challenge-response rounds than the GMGP system for authentication. Moreover, the P-GMGP system is extended to allow a user to be authenticated in cloud environment effectively and efficiently.
ISSN:1076-2787
1099-0526

Similar Items