Abstract
Text password systems are commonly used for identity authentication to access different kinds of data resources or services in cloud environment. However, in the text password systems, the main issue is that it is very hard for users to remember long random alphanumeric strings due to the long‐term memory limitation of the human brain. To address this issue, graphical passwords are accordingly proposed based on the fact that humans have better memory for images than alphanumeric strings. Recently, a Google map graphical password (GMGP) system is proposed, in which a specific location of Google Map is preset as a password for authentication. Unfortunately, the use of graphical passwords increases the risk of exposing passwords under shoulder‐surfing attacks. A snooper can easily look over someone’s shoulder to get the information of a location on map than a text password from a distance, and thus the shoulder‐surfing attacks are more serious for graphical passwords than for text passwords. To overcome this issue, we design a polynomial‐based Google map graphical password (P‐GMGP) system. The proposed P‐GMGP system can not only resist the shoulder‐surfing attacks effectively, but also need much fewer challenge‐response rounds than the GMGP system for authentication. Moreover, the P‐GMGP system is extended to allow a user to be authenticated in cloud environment effectively and efficiently.
Highlights
In modern digital life, people cannot avoid to use passwords for identity authentication
To resist brute force or random guessing attacks, users usually adopt long random alphanumeric strings as strong text passwords, but these strong passwords are hard to remember due to the long-term memory limitations of the human brain. us, many users tend to choose simple passwords that are easy to remember, but they will be cracked by malicious attackers. erefore, it is quite di cult to achieve a good trade-o between passwords’ strength and memorability in text password authentication systems
Erefore, the extended P-Google map graphical password (GMGP) system is suitable for cloud environment
Summary
People cannot avoid to use passwords for identity authentication. The emerging technologies such as cloud computing [1–3] and big data processing [4–12] develop very rapidly Under this background, the password systems play more and more important roles to allow legal users to access di erent kinds of data resource or service in cloud environment. Erefore, instead of using only one picture, the CCPGP systems have been proposed to use a series of pictures and users only need to click one point on each picture. Because Spitzer et al.’s GMGP system uses online Google Map services, it does not need additional storage space for storing a large number of pictures. Both text passwords and graphical passwords are compromised by shoulder-surfing attacks.
Sign-in/Register to view highlights & summary 
Published Version (
Free)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call