In this Computer Science Project, a new authentication scheme called Color Scheme Authentication is proposed for PDAs. These schemes authenticate the user by session passwords. Session passwords are passwords that are used only once. Once the session is terminated, the session password is no longer useful. For every login process, users input different passwords. The session passwords provide better security against dictionary and brute force attacks as password changes for every session. The proposed authentication schemes use text and colors for generating session passwords.
The most common method used for authentication is textual password. The vulnerabilities of this method like eves dropping, dictionary attack, social engineering and shoulder surfing are well known. Random and lengthy passwords can make the system secure. But the main problem is the difficulty of remembering those passwords. Studies have shown that users tend to pick short passwords or passwords that are easy to remember. Unfortunately, these passwords can be easily guessed or cracked. The alternative techniques are graphical passwords and biometrics. But these two techniques have their own disadvantages. Biometrics, such as finger prints, iris scan or facial recognition have been introduced but not yet widely adopted. The major drawback of this approach is that such systems can be expensive and the identification process can be slow.
There are many graphical password schemes that are proposed in the last decade. But most of them suffer from shoulder surfing which is becoming quite a big problem. There are graphical passwords schemes that have been proposed which are resistant to shoulder-surfing but they have their own drawbacks like usability issues or taking more time for user to login or having tolerance levels. Personal Digital Assistants are being used by the people to store their personal and confidential information like passwords and PIN numbers. Authentication should be provided for the usage of these devices.
In our proposed system is helped to very economic and very useful to user .Thus the project was considerable bringing down the cost estimation of the project.Since in the project we are not using any sophisticated devices or technology thus the implementing it can use the system even if they have minimal computer knowledge and would have to go through any kind of training to use the system.
Instead of just words we proposed a system in which authentication is done using colors and numbers .We give full priority the users in this method.Users can give same value for two different colors.This make the authentication method risk free of shoulder attack,dictionary attack,eves dropping etc. The logic of giving values to colors is fully upto the user.The future usage of color scheme authentication is nused to web service and toolbar format also.The color scheme authentication system was very secure format for password authentication.In this system Rijndael algorithm was using.Which is a key acting between sender and receiver to encrypt and decrypt the message.Speed and cost make symmetrical algorithm it is used to encrypt large amount of data.
Since the proposed system is used to user and admin module are using. The admin can control whosoever is logging on the network and can allow or deny access the process. This is a relatively simple and user friendly applications the user can need not to be tech savvy to use this application. Even the user with basic computer knowledge can use this system with relative ease.
A graphical representation is used to describe and analysis the moment of data through a system manual or automated including the process, storing of data and design in the system. Data flow diagrams are the central tool and the basis from which other components are developed. The transformation of data from input to output through process may be described logically and independently of the physical components associated with the system. They are termed logical data flow diagrams, showing the actual implementation and the movement of data between people, departments and workstations. DFD is the one of the most important modeling tools used in system design. DFD shows the flow of data through different process in the system.
Our authentication system makes your account and data more secure and free from any type of attack. Use of Rijndael encryption algorithm makes it even more complex for attackers. However user finds no complexity while using this authentication system. This makes authentication method risk free of Shoulder attack, Dictionary attack and Eves dropping. We should like to make the following enhancements in the project in the future such as Supplement alphabets for numerical values for colors, Make this is web service and Develop this into a web browser toolbar.