Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication

Abstract: We present an information-theoretic discussion of authentication via graphical passwords, and devise a model for entropy estimation. Our results make face-recognition based authentication comparable to standard password authentication in terms of uncertainty (Shannon-entropy) that an adversary is confronted with in both situations. It is widely known that cognitive abilities strongly determine the choice of alphanumeric passwords as well as graphical passwords, and we discuss various selected psychological aspects that influence the selection process. As a central result, we obtain a theoretical limit to the entropy of a face-recognition based authentication in the light of some social engineering techniques (dictionary attacks on graphical passwords). Remarkably, our results hold independently of any information that can be obtained from the internet or through other forms of social engineering. Thus, we obtain very general bounds on the quality of authentication through face-recognition that solely depend on the authentication mechanism.
Document type: Conference paper
Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.166-177, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_16〉

Cited literature [20 references]

https://hal.inria.fr/hal-01056381
Contributor: Hal Ifip
Submitted on: Monday, August 18, 2014 - 18:06:30
Last modified on: Monday, October 16, 2017 - 11:20:06
Document(s) archived on: Thursday, November 27, 2014 - 05:33:11

File

cms2010_submission_24.pdf
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Stefan Rass, David Schuller, Christian Kollmitzer. Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication. Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.166-177, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_16〉. 〈hal-01056381〉

Metrics

Record views: 295

File downloads: 361