DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click
HERE to register or log in.
Accession Number:
AD1046601
Title:
Investigating Background Pictures for Picture Gesture Authentication
Corporate Author:
Naval Postgraduate School Monterey United States
Report Date:
2017-06-01
Abstract:
The military relies heavily on computer systems. Without a strong method of authentication to access these systems, threats to confidentiality,integrity, and availability of government information are likely to be more successful. A recent method of authentication forthe Windows 8 and Windows 10 operating systems is picture gesture authentication PGA, a new approach to entering a password toauthenticate a user during system login. Each PGA password is composed of three gestures that are drawn over a picture chosen bythe user. Strength requirements are set for PGA passwords similarly to text-based passwords. For simplicity, users tend to use shapes,colors, and objects in a picture, called points of interest POI, as guidance when creating each gesture for their password. This conceptprovides an opportunity for potential hackers to make logical password guesses, decreasing the security of PGA. Previous work onPGA security used a proprietary brute-force algorithm to guess passwords based on POIs. We present a similar brute-force algorithmthat is publicly available. We evaluate the efficiency of the new algorithm against various background pictures and propose strengthrequirements to improve the security of PGA.
Descriptive Note:
Technical Report,30 Jun 2016,23 Sep 2016
Supplementary Note:
01 Jan 0001, 01 Jan 0001, Reissued 3 Aug 2017 with corrections to order of in-text source citations. Searched but no prior submission to DTIC.
Pages:
0061
Distribution Statement:
Approved For Public Release;
File Size:
5.59MB
