Vol: 53(67) No: 2 / June 2008 The Colored Password – Applications of Visual Identification Methods for Financial Applications Neculai Daniel Stoleru Dept. of Mathematics and Informatics, Military Technical Academy, Bd. G. Cosbuc 81-83, 050141 Bucharest, Romania, e-mail: stolerud@gmail.com Victor Valeriu Patriciu Dept. of Mathematics and Informatics, Military Technical Academy, Bd. G. Cosbuc 81-83, 050141 Bucharest, Romania, e-mail: vip@mta.ro, web: http://www.mta.ro Keywords: Identification, Authentication, Internet, Visual Cryptography Abstract The on-line financial applications require without doubt highly secure, easy to use and reliable identification systems. Given the diversity of the financial software and the wide area of the possible running environments, the portability and flexibility of the security systems in use are also determinant factors. Nevertheless, in practice, there are still no straight-forward satisfactory implementation solutions, suitable as an alternative to the actual PIN / password based identification systems. The present paper analyses the most representative visual identification applications that could be used in the financial sector and suggests a possible implementation, which can successfully meet the actual requirements in the financial field. References [1] ID Arts, WWW at http://www.realuser.com/cgi-bin/ru.exe/_ /homepages/users/passface.htm. [2] Ateniese C., Blundo C., De Santis A. and D.R. Stinson, Visual Cryptography for general access structures, accepted for publishing in Inf. and Comp. Available at http://www.eccc.uni-trier.de/eccc as TR096-12. [3] Andrej Bauer. Gallery of random art. WWW at http://www.cs.cmu.edu/~andrej/art/, 2003. [4] G. Blonder, United States patent, 1996. United States Patent 5559961. [5] Blundo C., De Santis A. and D.R. Stinson, On the contrast in visual cryptograpfy schemes. Manuscript. 1996. Available at: ftp://theory.lcs.mit.edu/pub/tcrypto.96-13.ps [6] James T. Bock, Visual Authentication. Project Defence, 2 December, 1996. [7] Rachna Dhamija, Hash visualization in user authentication, in Proceedings of the Computer Human Interaction 2000 Conference, April 2000. [8] Rachna Dhamija, Adrian Perring, Déja Vu: A User Study Using Images for Authentication. [9] S. Droste, New results on visual cryptography, Crypto 96, Springer-Verlag LNCS Vol. 1109, Springer-Verlag, 1996, 401-415. [10] Carl Ellison, Chris Hall, Randy Milbert and Bruce Schneier, Protecting secret keys with personal entropy, in Future Generation Computer Systems, 1999. [11] Ian Jermyn, Alain Mayer, Fabian Monrose, Michael K. Reiter and Aviel D. Rubin, The design and analysis of graphical passwords, in Proceedings of the 8th USENIX Security Symposium, August 1999. [12] Kobara K. and H. Imai, Limiting the visible space visual secret sharing schemes and their application to human identification, Asiacrypt 96, Springer-Verlag LNCS Vol. 1163, 185-195. [13] Udi Manber, A simple scheme to make passwords on one-way functions much harder to crack, Computers and Security, 15(2):171-176, 1996. [14] D. Naccache, Colorful Cryptography – a purely physical secret-sharing scheme based on chromatic filters, in Coding and Information Integrity, French-Israeli workshop, December 1994. [15] Naor M. and A. Shamir, Visual Crytography, Eurocrypt 94, Springer/Verlag LNCS Vol. 950, Springer/Verlag, 1995, 1-12. [16] Naor M. and A. Shamir, Visual Cryptography II: improving the contrast via the cover base, Cambridge Workshop on Cryptographic Protocols, 1996. A complete version available at: ftp://theory.lcs.mit.edu/pub/tcrypto/96-07.ps. [17] Naor M. and B. Pinkas, Visual Authentication and Identification, Advances in Cryptology 97, 322-336, Berlin, 1997. Springer Verlag. Lecture Notes in Computer Science Vol. 1294. [18] Passlogix v - go, WWW, at http://www.passlogix.com, 2000. [19] Adrian Perring and Dawn Song, Hash visualisation: A new technique to improve real-world security, in Proceedings of the 1999 International Workshop on Cryptographic techniques and E-Commerce (CryTEC 99), 1999. [20] Rijmen V. and B. Prenel, Efficient colour visual encryption or „shared colors of Benetton”. Presented in the opening session of Eurocrypt 96. Also available at: http://www.esat.kuleuven.ac.be/~rijmen/vc/. [21] Stinson D.R., An introduction to visual cryptography, presented at Public Key Solutions 97. Available at: http://bibd.unl.edu/~stinson/VCS-PKS.ps. NIST identification projects. WWW at http://csrc.nist.gov/mobiledevices/projects.html. |