TY - JOUR
T1 - Google Map-based Password Authentication Systems Using Tolerant Distance and Homomorphic Encryption
AU - Zhou, Zhili
AU - Yang, Ching Nung
AU - Wang, Shaowei
AU - Nan, Guoshun
AU - Cimato, Stelvio
AU - Zheng, Yifeng
AU - Wang, Qian
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025/3
Y1 - 2025/3
N2 - Passwords are widely used for authentication in Internet applications. Recently, users tend to adopt graphical passwords instead of traditional alphanumeric passwords, since it is much easier for humans to remember images than verbal representations. However, the existing graphical password authentication systems generally suffer from three main issues. 1) It is required to remember and perform complicated operations during the registration/login phases, which significantly limits the systems' usability; 2) The users' passwords are simply stored as plaintexts in servers, and thus the security is compromised; 3) The users need to register/login to each server separately when they are applied in multi-server environment. To address the above issues, we propose a user-friendly and secure Google map-based graphical password (FS-GMGP) system using tolerant distance and homomorphic encryption. By using a homomorphic encryption scheme, each user encrypts his password point and response point selected on Google map, while the servers compute and decrypt the distance between the two encrypted points and then compare the resulting value with a tolerant distance for authentication. Moreover, the FS-GMGP system is extended for multi-server environment.
AB - Passwords are widely used for authentication in Internet applications. Recently, users tend to adopt graphical passwords instead of traditional alphanumeric passwords, since it is much easier for humans to remember images than verbal representations. However, the existing graphical password authentication systems generally suffer from three main issues. 1) It is required to remember and perform complicated operations during the registration/login phases, which significantly limits the systems' usability; 2) The users' passwords are simply stored as plaintexts in servers, and thus the security is compromised; 3) The users need to register/login to each server separately when they are applied in multi-server environment. To address the above issues, we propose a user-friendly and secure Google map-based graphical password (FS-GMGP) system using tolerant distance and homomorphic encryption. By using a homomorphic encryption scheme, each user encrypts his password point and response point selected on Google map, while the servers compute and decrypt the distance between the two encrypted points and then compare the resulting value with a tolerant distance for authentication. Moreover, the FS-GMGP system is extended for multi-server environment.
KW - Authentication
KW - Digital forensics
KW - Graphical password
KW - Homomorphic encryption
KW - Information security
KW - Network security
UR - http://www.scopus.com/inward/record.url?scp=105000199719&partnerID=8YFLogxK
U2 - 10.1109/TDSC.2025.3549028
DO - 10.1109/TDSC.2025.3549028
M3 - Journal article
AN - SCOPUS:105000199719
SN - 1545-5971
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
ER -