scholarly journals ENHANCED MULTI-DEVICE TWO-FACTOR AUTHENTICATION USING PUBLIC-KEY CRYPTOGRAPHY

2021 ◽  
Author(s):  
Jahangir Abbas Mohammed
Keyword(s):  
Mobile Applications ◽  
Single Layer ◽  
Public Key Cryptography ◽  
Public Key ◽  
Message Authentication ◽  
Password Authentication ◽  
Suggested Approach ◽  
Client Server ◽  
Secure Software ◽  
Communication Lines

This paper proposes a secure two-factor authentication (TFA) system that relies on a password and a crypto-capable device. In cases like a compromise of communication lines, server or device vulnerabilities, and offline and online attacks on user passwords, the approach provides the highest feasible security bounds given the collection of compromised components. Using either SAS Message Authentication or any PIN-based Authentication, the suggested approach constructs a TFA scheme. The paper also proposes a secure software architecture for implementing an enhanced public key cryptography system for mobile applications and an efficient implementation of this modular structure that can use any password-based client-server authentication method without relying on risky single- layer password authentication architecture.

scholarly journals ENHANCED MULTI-DEVICE TWO-FACTOR AUTHENTICATION USING PUBLIC-KEY CRYPTOGRAPHY

2021 ◽  
Author(s):  
Jahangir Abbas Mohammed
Keyword(s):  
Mobile Applications ◽  
Single Layer ◽  
Public Key Cryptography ◽  
Public Key ◽  
Message Authentication ◽  
Password Authentication ◽  
Suggested Approach ◽  
Client Server ◽  
Secure Software ◽  
Communication Lines

This paper proposes a secure two-factor authentication (TFA) system that relies on a password and a crypto-capable device. In cases like a compromise of communication lines, server or device vulnerabilities, and offline and online attacks on user passwords, the approach provides the highest feasible security bounds given the collection of compromised components. Using either SAS Message Authentication or any PIN-based Authentication, the suggested approach constructs a TFA scheme. The paper also proposes a secure software architecture for implementing an enhanced public key cryptography system for mobile applications and an efficient implementation of this modular structure that can use any password-based client-server authentication method without relying on risky single- layer password authentication architecture.

scholarly journals ZERO KNOWLEDGE PASSWORD AUTHENTICATION PROTOCOL

2012 ◽  
pp. 30-34
Author(s):  
NIVEDITA DATTA
Keyword(s):  
Mutual Authentication ◽  
Public Key Cryptography ◽  
Authentication Protocol ◽  
Public Key ◽  
Zero Knowledge ◽  
Password Authentication ◽  
Valuable Data ◽  
Authentication Server ◽  
Simple Protocol ◽  
Zero Knowledge Proof

In many applications, the password is sent as cleartext to the server to be authenticated thus providing the eavesdropper with opportunity to steal valuable data. This paper presents a simple protocol based on zero knowledge proof by which the user can prove to the authentication server that he has the password without having to send the password to the server as either cleartext or in encrypted format. Thus the user can authenticate himself without having to actually reveal the password to the server. Also, another version of this protocol has been proposed which makes use of public key cryptography thus adding one more level of security to the protocol and enabling mutual authentication between the client & server.

Analisis dan Implementasi Protokol Otentikasi FIDO U2F

2017 ◽  
Vol 9 (1) ◽  
pp. 30-35
Author(s):  
Sunderi Pranata ◽  
Hargyo Tri Nugroho ◽  
Hirofumi Yamaki
Keyword(s):  
Public Key Cryptography ◽  
Authentication Protocol ◽  
Public Key ◽  
Next Generation ◽  
Index Terms ◽  
Mitm Attack

It is known that password itself is not enough for formidable authentication method since it has a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for the next generation for good authentication to address that issue. MFA combines two or more of three principles of good security, “something you know”, “something you have”, and “something you are”. Most MFA mechanisms work as one time passwords (OTP). However, they can still be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to use as it requires user to input another password given by the device (SMS, token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet stronger security on authentication process which implements public key cryptography, challenge-response protocol, and phishing and MitM protection.  Index Terms— Authentication protocol, FIDO U2F, Multi factor authentication, OTP

IMPLEMENTASI ALGORITMA SCHMIDT-SAMOA PADA ENKRIPSI DEKRIPSI EMAIL BERBASIS ANDROID

2013 ◽  
Vol 9 (1) ◽  
Author(s):  
Willy Ristanto ◽  
Willy Sudiarto Raharjo ◽  
Antonius Rachmat Chrismanto
Keyword(s):  
Public Key Cryptography ◽  
Text Messages ◽  
Public Key ◽  
Client Application ◽  
Performance Measurements ◽  
Encryption And Decryption ◽  
Number Variation

Cryptography is a technique for sending secret messages. This research builds an Android-based email client application which implement cryptography with Schmidt-Samoa algorithm, which is classified as a public key cryptography. The algorithm performs encryption and decryption based on exponential and modulus operation on text messages. The application use 512 and 1024 bit keys. Performance measurements is done using text messages with character number variation of 5 – 10.000 characters to obtain the time used for encryption and decryption process. As a result of this research, 99,074% data show that decryption process is faster than encryption process. In 512 bit keys, the system can perform encryption process in 520 - 18.256 miliseconds, and decryption process in 487 - 5.688 miliseconds. In 1024 bit keys, system can perform encryption process in 5626 – 52,142 miliseconds (7.388 times slower than 512 bit keys) and decryption process with time 5463 – 15,808 miliseconds or 8.290 times slower than 512 bit keys.

Sign in / Sign up

Export Citation Format

Share Document