KR101918461B1 - Authentication method and apparatus using three-dimensional arrangement of images - Google Patents

Abstract

The method of inputting authentication information according to an exemplary embodiment of the present invention is a method of inputting authentication information for device user authentication, comprising the steps of: selecting an image used for authentication from among a plurality of exposed images on a screen; A step of arranging the image on one side of the three-dimensional body, a step of specifying the direction, and a step of determining the arrangement of the image on the three-dimensional solid body on which the position of the image is specified as the input information.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and apparatus for inputting authentication information using a three-

The present invention relates to an authentication technique using an image arrangement, and more particularly, to a method and apparatus for performing authentication using a direction and a position in which a specific image is three-dimensionally arranged.

As the number of smartphone users increases, a variety of services using smartphones are being provided. In order to use them, personal information is stored in smartphones. The importance of user authentication such as passwords is also increasing to prevent such information from being exposed.

Accordingly, the mobile service provider is required to periodically change and complicate the password to the service users. However, since the recent Internet environment requires many IDs and passwords, Since the password tends to be short and easy to guess, a character password input method such as an existing password input method has a great security vulnerability. Therefore, graphical or biometric information based user authentication techniques are more popular than traditional password based password input method.

1 is a diagram showing an authentication process by a passface method. Referring to FIG. 1, Passfaces are security systems that need to recognize face pictures of people to access a computer or computer network. That is, it is a technique of using a face image of a person as a password, and this involves an authentication process between the user and the device. In this authentication method, a user's face image selected in advance in the registration order is used for authentication when user authentication is performed. First, the path face necessary for authentication is selected. The pass face is determined by arranging the face of the person in order corresponding to the password. As shown in Fig. 1, it is decided to basically arrange three human face images. The determined pass face is used for user authentication as well as the password. When a user performs authentication to access a computer or a network, multiple face images are exposed on the screen. When the image of the person designated by the path face is selected from among the images exposed on the screen and a total of three pass face images are selected in order, the authentication is completed. The pass-through authentication method is one of the perception-based authentication methods, and it can compensate the security weakness of the password.

However, since the authentication method using the passphase method exposes portraits information in a recording attack and leaves a trace of the image selected by the user in the case of the smudge attack, when the combination of the two attacks is reproduced, the security information of the user can be easily acquired. It is not safe.

However, among the major attack techniques targeting smartphone security vulnerabilities in recent years, peek attack, recording attack, and smudge attack are all categories of social engineering attack techniques. It is difficult to prevent from the algorithm level with the traditional security method because it is an attack technique through human direct or indirect contact by mistake and unexpected method, and some problems of graphic-based or biometric information-based authentication methods are also revealed, have.

It should be understood that the foregoing description of the background art is merely for the purpose of promoting an understanding of the background of the present invention and is not to be construed as adhering to the prior art already known to those skilled in the art.

It is an object of the present invention to provide a method of inputting authentication information of a device in which an attacker can not easily attack. Still another object of the present invention is to provide an authentication method and apparatus that an attacker can not easily attack.

According to another aspect of the present invention, there is provided a method of inputting authentication information for device user authentication, the method comprising: selecting an image to be used for authentication among a plurality of images exposed on a screen; Placing the selected image on one side of a three-dimensional solid, specifying a direction, and determining the arrangement of the image on the three-dimensional solid object on which the position of the image is specified as input information.

The image may be a letter, number, or special character image.

The image may be a face image of a person.

The three-dimensional solid body may be a polyhedron.

The polyhedron may be a cube.

The process of arranging the image may be to arrange the image on the surface of the three-dimensional solid surface exposed on the screen.

The step of determining the authentication information may further include changing the exposed surface of the three-dimensional object on the screen by rotating the three-dimensional object having the arrangement of the images completed.

An authentication method according to an embodiment of the present invention is an authentication method for authenticating a user by arranging images on a device screen. The authentication method comprises the steps of: selecting an image to be used for authentication among a plurality of images exposed on a screen; A step of locating an image on one side of a three-dimensional solid, a step of specifying a direction, and a step of determining, as input information, an arrangement of the image on a three-dimensional solid object on which the position of the image is specified, And comparing the information with previously registered authentication information to perform authentication.

The image may be a letter, number, or special character image.

The image may be a face image of a person.

The three-dimensional solid body may be a polyhedron.

The polyhedron may be a cube.

The process of arranging the image may be to arrange the image on the surface of the three-dimensional solid surface exposed on the screen.

A user terminal according to an exemplary embodiment of the present invention is a user terminal that performs authentication of a user by arranging images on a screen of a device,

A step of selecting an image to be used for authentication from among a plurality of exposed images on the screen, a step of positioning the selected image on one side of a three-dimensional solid body and arranging directions of the three-dimensional solid body, An authentication information input unit for performing an authentication information input process including determining an arrangement of the image as input information and an authentication process unit for comparing the authentication information inputted through the authentication information input unit with previously registered authentication information, .

According to the embodiment of the present invention, the authentication information can be configured by bypassing the restrictive combination used as the password, thereby effectively responding to an attack that predicts a password such as a random assignment attack. In particular, when the initial user registration step or the leakage from the server does not occur through various arrangements of images, security can be improved because it is difficult to recognize from the outside.

1 is a diagram showing an authentication process by a passface method.
FIG. 2 is a view showing a screen in which an image of a person is exposed according to an embodiment of the present invention.
FIG. 3 illustrates a process of selecting an image required for authentication information according to an embodiment of the present invention. Referring to FIG.
4 is a view showing a result of selecting an image necessary for authentication information according to an embodiment of the present invention.
5 is a diagram illustrating a process of arranging face images in a three-dimensional solid body according to an embodiment of the present invention.
FIG. 6 is a view showing a three-dimensional solid body in which face images are arranged according to an embodiment of the present invention.
7 is a flowchart illustrating an authentication method according to an embodiment of the present invention.
8 is a block diagram illustrating a configuration of a user terminal that provides an authentication method according to an embodiment of the present invention.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to limit the invention. The singular forms as used herein include plural forms as long as the phrases do not expressly express the opposite meaning thereto. Means that a particular feature, region, integer, step, operation, element and / or component is specified, and that other specific features, regions, integers, steps, operations, elements, components, and / And the like.

Unless otherwise defined, all terms including technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Commonly used predefined terms are further interpreted as having a meaning consistent with the relevant technical literature and the present disclosure, and are not to be construed as ideal or very formal meanings unless defined otherwise.

Hereinafter, an authentication information input method according to a preferred embodiment of the present invention will be described with reference to the accompanying drawings.

In the case of a user terminal, in particular a smart phone, the information can be exposed by various attack means. Brute Force Attack, which corresponds to a text-based password, is a frequently used attack technique as an attack method for smartphone encryption methods that users often use. As a classification of social engineering attack technique, Surveillance Attacks in the Developed Form of Attack (Shoulder-Surfing Attack) Surveillance Attack, which utilizes non-human mechanical means such as CCTV, smartphone camera, and high-definition video recording equipment, And Smudge attack (Smudge attack which can infer user's pattern information with pattern traces left on the smartphone screen due to attack on pattern authentication, which is the basic user authentication means of Android-based smartphone, Attack).

A random assignment attack is an attack technique in which a password is searched by substituting all possible information of a dictionary word and a random combination, and the shorter the length of the password, the higher the chance of exposing the password by this attack. Here, recent advances in computer technology have allowed random assignment attacks to be made in a relatively short period of time. The countermeasures against this attack method are to avoid significant character and graphic information at the time of password generation, to combine non-correlated character or graphic information, or to increase the number of digits of password input. However, passwords that the user can memorize have a limit in the number of digits, and mutually insignificant character strings cause confusion of the user. Thus, an effective countermeasure against this attack is to increase the number of cases where random attack is difficult while minimizing the information that the user has to remember.

Therefore, a method of performing authentication by selecting them on a graphic interface through a combination of various images or icons, rather than a password, which is made by combining characters, numbers, etc., which can be used, can be used. The inventor of the present invention has completed the present invention by noting that these images are simply arranged in order and selected, but arranging the selected images on the surface of the three-dimensional solid body by arranging them.

A method of inputting authentication information according to an exemplary embodiment of the present invention includes a process of selecting an image to be used for authentication from among a plurality of images exposed on a screen, a step of locating the selected image on one side of a three- And determining the arrangement of the image on the three-dimensional solid object on which the position of the image is specified as the input information.

First, it is exposed on the screen of a device using an image that can be used as authentication information. These images may be various images, and images such as numbers, letters or special characters may be used, and images such as people, animals, and background may be used. The numbers, letters, or special characters used at this time are not recognized as such, but can be recognized as a two-dimensional image, and fonts of various types can be applied to letters and numbers, and can be used for drawing. Since letters and numbers are recognized as separate images in a state in which the fonts are applied, it is difficult to predict the authentication information simply by guessing the password. It is preferable to use a human face image so that the user can more easily recognize and memorize images other than letters or numbers. The face image of a person can easily recognize the feature in the head and is suitable for use as authentication information. Images on the screen can be exposed in various forms.

FIG. 2 is a view showing a screen in which an image of a person is exposed according to an embodiment of the present invention. As shown in FIG. 2, a face image of a person may be exposed on the screen to select an image to be used for authentication on the screen. It shows the arrangement of nine different face images. The method of arranging the face images can be various, and the number of images arranged according to the size of the screen can be adjusted. In addition, it is possible to arrange a large number of face images continuously using the screen turning function, and the number of images arranged according to the selected image can be adjusted. For example, when the authentication information is input for the first time, it is possible to select the image to be used for the authentication information from the nine images. However, at the time of user authentication, Many combinations are possible.

The user selects an image to be used for authentication among the images exposed on the screen. If you use a mouse like a computer, or if you use a keyboard, you can select each cell to select an image. In the case of using in a touch-type display device such as a smart phone, it is possible to directly touch and select an image required for authentication.

FIG. 3 illustrates a process of selecting an image required for authentication information according to an embodiment of the present invention. Referring to FIG. As shown in Fig. 3, among the nine face images, an image required for authentication is selected. At this time, when the initial authentication information is set, a face image that the user can memorize easily can be selected. At this time, one or more images to be selected may be selected. This can be reduced later than the conventional pass face because it is possible to arrange them later on the three-dimensional solid surface or various combinations depending on their positions. However, in order to make it difficult to expose or predict the authentication information, it is desirable that the number of images to be selected is large, but the number of images to be selected is preferably 3 to 6 since the memory capacity of the user is limited. When the user selects a face image necessary for authentication on the screen, it is possible to separately display the border of the selected image and to give a number on each image in order to designate each order. In the present embodiment, three face images are selected (see Fig. 4).

After each image is selected, the selected image is placed on the outer surface of the three-dimensional solid. The three-dimensional solid body may have various shapes, but may be a polyhedron to place a two-dimensional image on the surface. Since the number of combinations is changed according to the number of faces, the larger the number of faces of the polyhedron, the more various ways of arranging the images can be selected. It is easy to arrange the images on each surface in the future by matching the shape of the image to be arranged according to the shape of the polyhedron surface. For example, when a tetrahedron is used, the shape of each surface corresponds to an equilateral triangle, and the shape of the selected image may be determined to be an equilateral triangle. Also, the used three-dimensional solid body can be used as two or more bodies. That is, if two or more three-dimensional solid objects are used, authentication information can be configured in various combinations according to each combination.

In this embodiment, since a square face image is selected and used, a cube is described.

5 is a diagram illustrating a process of arranging face images in a three-dimensional solid body according to an embodiment of the present invention. The three-dimensional solid used at this time is a cube, and the faces used are the front face, the right face, and the top face. First, the first selected face image is arranged in front as shown in FIG. 5A. In the case of a square, there are four ways of arranging the images so that they coincide with each side. When the upper part of the face image is designated as the reference side, the upper side can be located on the four sides of the upper, lower, left and right sides. When the touch panel is used, the image can be arranged while rotating the image in the front side rectangle while being touched. The number of cases arranged at this time coincides with the number of sides of the polyhedron. Therefore, when an image is arranged using an octahedron, a regular hexagon is formed, so that it is possible to arrange the face images in six directions. After arranging the first face image, the second face image is selected as shown in FIG. 5B and arranged on the right side. In the present embodiment, the face image is arranged such that the upper side of the face is in contact with the lower side. After arranging the second face image, the third face image is selected as shown in FIG. 5C and arranged on the upper face. In the case of the third face image, the face is rotated so that the top of the face is directed to the left.

After selecting the face image as described above on the three-dimensional solid surface, it is determined as input information used for authentication. At this time, it is possible to arrange them using all three-dimensional solid surfaces, or to select only a part of three-dimensional solid surfaces. For example, in the case of using a cube as shown in Fig. 5, it is also possible to arrange a face image by selecting only a face exposed on the screen. When a three-dimensional object is displayed on the screen, it is arranged in a two-dimensional form, so that the face image can be arranged based on the exposed face of the three-dimensional solid object. Also, in the case where the screen image can be changed by rotating the three-dimensional object, it is also possible to use all six surfaces.

FIG. 6 is a view showing a three-dimensional solid body in which face images are arranged according to an embodiment of the present invention. As shown in FIG. 6, it is also possible to determine the input information after changing the surface exposed on the screen by rotating the three-dimensional solid body in a state in which the respective images are arranged, and changing the input information. It is possible to input the authentication information more safely from the external attack by the operation of changing the exposed surface by rotating the arranged image again.

When the authentication information is input in this way, it has a combination that is hard to recognize from the outside when the initial user registration step or the leakage from the server does not occur, and is also safe for an attack type such as a smear attack. Also, it does not contain character information, so it is stable against attacks such as dictionary attacks.

7 is a flowchart illustrating an authentication method according to an embodiment of the present invention. Referring to FIG. 7, an authentication method performed by a user terminal according to an embodiment of the present invention is as follows.

First, an image to be used for authentication is selected from a plurality of images exposed on the device screen (S110). These images may be various images, images of numbers, characters, etc. may be used, and images of people, animals, background, etc. may be used. In this case, the numbers and letters used are not recognized per se but can be recognized as a two-dimensional image, and fonts of various types can be applied to letters and numbers, and it is also possible to use a font. Since letters and numbers are recognized as separate images in a state in which the fonts are applied, it is difficult to predict the authentication information simply by guessing the password. It is preferable to use a human face image so that the user can more easily recognize and memorize images other than letters or numbers. The face image of a person can easily recognize the feature in the head and is suitable for use as authentication information. The user selects an image to be used for authentication among the images exposed on the screen. If you use a mouse like a computer, or if you use a keyboard, you can select each cell to select an image. In the case of using in a touch-type display device such as a smart phone, it is possible to directly touch and select an image required for authentication.

The selected image is positioned on one side of the three-dimensional solid, and the direction is specified (S120). The three-dimensional solid can have various shapes, but it can be a polyhedron to place a two-dimensional image on the surface. Since the number of combinations is changed according to the number of faces, the larger the number of faces of the polyhedron, the more various ways of arranging the images can be selected. It is easy to arrange the images on each surface in the future by matching the shape of the image to be arranged according to the shape of the polyhedron surface. For example, when a tetrahedron is used, the shape of each surface corresponds to an equilateral triangle, and the shape of the selected image may be determined to be an equilateral triangle. For example, in the case of arranging on the surface of a quadrangle, it is possible to rotate the image by 90 degrees and change the arrangement thereof.

Dimensional image array on which the image is specified is determined as the input information (S130). It is also possible to arrange them using all three-dimensional solid surfaces, or to select only a part of three-dimensional solid surfaces. For example, in the case of using a cube, it is also possible to arrange the face image by selecting only the face exposed on the screen. When a three-dimensional object is displayed on the screen, it is arranged in a two-dimensional form, so that the face image can be arranged based on the exposed face of the three-dimensional solid object. Also, in the case where the screen image can be changed by rotating the three-dimensional object, it is also possible to use all six surfaces. The input information to be determined can be determined by rotating the three-dimensional solid object in a state in which the respective images are arranged, changing the surface exposed on the screen, and changing the input surface information. It is possible to input the authentication information more safely from the external attack by the operation of changing the exposed surface by rotating the arranged image again.

The input authentication information is compared with pre-registered authentication information to perform authentication (S200). The user terminal compares input authentication information with pre-registered authentication information and can determine that the authentication is successful if they match. Also, the user terminal can compare the authentication information registered in advance with the authentication information registered in the server or the like linked with the input information, and judge that the authentication is successful.

8 is a block diagram illustrating a configuration of a user terminal that provides an authentication method according to an embodiment of the present invention. As shown in FIG. 8, a user terminal 100 performing an authentication method according to an embodiment of the present invention includes an authentication information input unit 100 and an authentication processing unit 120.

The authentication information input unit 110 may include a process of selecting an image to be used for authentication among a plurality of images exposed on the screen, a process of locating the selected image on one side of a three-dimensional solid, And determining an arrangement of the images on the three-dimensional solid image having the specified three-dimensional shape as input information.

The authentication processing unit 120 can perform authentication by comparing the authentication information input through the authentication information input unit 110 with previously registered authentication information. The user terminal 100 according to the embodiment of the present invention performs the method according to FIG. 5, and the detailed operation can be understood with reference to the description of FIG.

Although the configuration of the user terminal for performing the authentication method according to the embodiment of the present invention has been described for the sake of convenience in the description of each configuration section, it is also possible that two of the configuration sections are combined to form one configuration section, It is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

In addition, the operation of the user terminal performing the authentication using the pattern input method according to the embodiment of the present invention can be implemented as a computer-readable program or code in a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored. The computer-readable recording medium may also be distributed and distributed in a networked computer system so that a computer-readable program or code can be stored and executed in a distributed manner.

While the present invention has been described in connection with what is presently considered to be practical exemplary embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, You will understand.

It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. The scope of the present invention is defined by the appended claims rather than the detailed description, and all changes or modifications derived from the meaning and scope of the claims and their equivalents should be interpreted as being included in the scope of the present invention .

100: user terminal
110: Authentication information input unit
120: Authentication processing unit

Claims (15)

A method for inputting authentication information for device user authentication using a three-dimensional solid body,
Selecting an image to be used for authentication among a plurality of exposed images on the screen;
A step of rotating the three-dimensional solid to determine one side to be exposed;
Placing the selected image on one side of the three-dimensional solid surface exposed on the screen, and specifying the direction of the image within the positioned side;
Rotating the three-dimensional solid object on which the image is disposed; And
And determining the arrangement of the images on the three-dimensional solid image as input information.
The method according to claim 1,
Wherein the image is a character, a number, or a special character image.
The method according to claim 1,
Wherein the image is a face image of a person.
The method according to claim 1,
Wherein the three-dimensional solid body is a polyhedron.
The method of claim 4,
Wherein the polyhedron is a cube.
delete delete delete delete delete delete delete delete delete 1. A user terminal for authenticating a user by arranging an image on a screen of a device using a three-dimensional solid,
A step of selecting an image to be used for authentication among a plurality of images to be exposed on the screen, a step of determining one side to be exposed by rotating the three-dimensional solid body, a step of selecting one side of the three- Determining a direction of the image within the positioned plane, rotating the three-dimensional solid object on which the image is disposed, and determining the arrangement of the image on the three-dimensional solid object as input information An authentication information input unit in which an authentication information input process is performed; And
And an authentication processing unit for comparing the authentication information input through the authentication information input unit and the previously registered authentication information to perform authentication.

Images