Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication - Communications and Multimedia Security
Conference Papers Year : 2010

Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication

Abstract

We present an information-theoretic discussion of authentication via graphical passwords, and devise a model for entropy estimation. Our results make face-recognition based authentication comparable to standard password authentication in terms of uncertainty (Shannon-entropy) that an adversary is confronted with in both situations. It is widely known that cognitive abilities strongly determine the choice of alphanumeric passwords as well as graphical passwords, and we discuss various selected psychological aspects that influence the selection process. As a central result, we obtain a theoretical limit to the entropy of a face-recognition based authentication in the light of some social engineering techniques (dictionary attacks on graphical passwords). Remarkably, our results hold independently of any information that can be obtained from the internet or through other forms of social engineering. Thus, we obtain very general bounds on the quality of authentication through face-recognition that solely depend on the authentication mechanism.
Fichier principal
Vignette du fichier
cms2010_submission_24.pdf (172.36 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01056381 , version 1 (18-08-2014)

Licence

Identifiers

Cite

Stefan Rass, David Schuller, Christian Kollmitzer. Entropy of Graphical Passwords: Towards an Information-Theoretic Analysis of Face-Recognition Based Authentication. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. pp.166-177, ⟨10.1007/978-3-642-13241-4_16⟩. ⟨hal-01056381⟩
154 View
508 Download

Altmetric

Share

More