We study an authentication method using secret figures of Pattern Lock, called pass patterns. In recent years, it is important to prevent the leakage of personal and company information on mobile devices. Android devices adopt a login authentication called Pattern Lock, which achieves both high resistance to Brute Force Attack and usability by virtue of pass pattern. However, Pattern Lock has a problem that pass patterns directly input to the terminal can be easily remembered by shoulder-surfing attack. In this paper, we propose a shoulder-surfing resistant authentication using pass pattern of Pattern Lock, which adopts a challenge & response authentication and also uses users' short-term memory. We implement the proposed method as an Android application and measure success rate, authentication time and the resistance against shoulder surfing. We also evaluate security and usability in comparison with related work.
So HIGASHIKAWA
Kanazawa University
Tomoaki KOSUGI
Kanazawa University
Shogo KITAJIMA
Kanazawa University
Masahiro MAMBO
Kanazawa University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
So HIGASHIKAWA, Tomoaki KOSUGI, Shogo KITAJIMA, Masahiro MAMBO, "Shoulder-Surfing Resistant Authentication Using Pass Pattern of Pattern Lock" in IEICE TRANSACTIONS on Information,
vol. E101-D, no. 1, pp. 45-52, January 2018, doi: 10.1587/transinf.2017MUP0012.
Abstract: We study an authentication method using secret figures of Pattern Lock, called pass patterns. In recent years, it is important to prevent the leakage of personal and company information on mobile devices. Android devices adopt a login authentication called Pattern Lock, which achieves both high resistance to Brute Force Attack and usability by virtue of pass pattern. However, Pattern Lock has a problem that pass patterns directly input to the terminal can be easily remembered by shoulder-surfing attack. In this paper, we propose a shoulder-surfing resistant authentication using pass pattern of Pattern Lock, which adopts a challenge & response authentication and also uses users' short-term memory. We implement the proposed method as an Android application and measure success rate, authentication time and the resistance against shoulder surfing. We also evaluate security and usability in comparison with related work.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2017MUP0012/_p
Copy
@ARTICLE{e101-d_1_45,
author={So HIGASHIKAWA, Tomoaki KOSUGI, Shogo KITAJIMA, Masahiro MAMBO, },
journal={IEICE TRANSACTIONS on Information},
title={Shoulder-Surfing Resistant Authentication Using Pass Pattern of Pattern Lock},
year={2018},
volume={E101-D},
number={1},
pages={45-52},
abstract={We study an authentication method using secret figures of Pattern Lock, called pass patterns. In recent years, it is important to prevent the leakage of personal and company information on mobile devices. Android devices adopt a login authentication called Pattern Lock, which achieves both high resistance to Brute Force Attack and usability by virtue of pass pattern. However, Pattern Lock has a problem that pass patterns directly input to the terminal can be easily remembered by shoulder-surfing attack. In this paper, we propose a shoulder-surfing resistant authentication using pass pattern of Pattern Lock, which adopts a challenge & response authentication and also uses users' short-term memory. We implement the proposed method as an Android application and measure success rate, authentication time and the resistance against shoulder surfing. We also evaluate security and usability in comparison with related work.},
keywords={},
doi={10.1587/transinf.2017MUP0012},
ISSN={1745-1361},
month={January},}
Copy
TY - JOUR
TI - Shoulder-Surfing Resistant Authentication Using Pass Pattern of Pattern Lock
T2 - IEICE TRANSACTIONS on Information
SP - 45
EP - 52
AU - So HIGASHIKAWA
AU - Tomoaki KOSUGI
AU - Shogo KITAJIMA
AU - Masahiro MAMBO
PY - 2018
DO - 10.1587/transinf.2017MUP0012
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E101-D
IS - 1
JA - IEICE TRANSACTIONS on Information
Y1 - January 2018
AB - We study an authentication method using secret figures of Pattern Lock, called pass patterns. In recent years, it is important to prevent the leakage of personal and company information on mobile devices. Android devices adopt a login authentication called Pattern Lock, which achieves both high resistance to Brute Force Attack and usability by virtue of pass pattern. However, Pattern Lock has a problem that pass patterns directly input to the terminal can be easily remembered by shoulder-surfing attack. In this paper, we propose a shoulder-surfing resistant authentication using pass pattern of Pattern Lock, which adopts a challenge & response authentication and also uses users' short-term memory. We implement the proposed method as an Android application and measure success rate, authentication time and the resistance against shoulder surfing. We also evaluate security and usability in comparison with related work.
ER -