Title: I-SLASS: an improved login approach over SLASS

Authors: Nilesh Chakraborty; Samrat Mondal

Addresses: Department of Computer Science and Engineering, Indian Institute of Technology, Patna, Bihar, India ' Department of Computer Science and Engineering, Indian Institute of Technology, Patna, Bihar, India

Abstract: In a password-based authentication scheme, shoulder surfing attack is a common problem. To overcome this, challenge response scheme is a possible solution. However, to address this security aspect the authentication schemes should not compromise too much with the usability aspect. Thus, the main challenge in such schemes is to provide a balance between security and usability aspect. In this paper, some partially observable shoulder surfing resilient schemes such as SSSL, SLASS are analysed and their limitations have been overcome in the proposed I-SLASS scheme which is built on top of SLASS concept. Two variants of I-SLASS schemes are developed. I-SLASS-CPASS is used to address character-based password and I-SLASS-DPASS uses the digit-based PIN. Experimental analysis shows that both the variants are more secure and more flexible compared to their respective counterpart, i.e., SLASS and SSSL.

Keywords: password-based authentication; shoulder surfing attacks; partially observable scheme; login approach; SLASS; security.

DOI: 10.1504/IJTMCC.2014.067375

International Journal of Trust Management in Computing and Communications, 2014 Vol.2 No.4, pp.309 - 329

Received: 23 Apr 2014
Accepted: 20 Sep 2014
Published online: 21 Feb 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article