scholarly journals Engineering Graphical Captcha and AES Crypto Hash Functions for Secure Online Authentication

Author(s):  
Nafisah Kheshaifaty ◽  
◽  
Adnan Gutub ◽  

Password alone is currently not trusted for user online authentication and security as threats from hackers continue to grow, requiring highly efficient defense safeguard protection against unauthorized users. Therefore, CAPTCHA techniques came into the picture as an automated assistance to distinguish between humans and robots. The CAPTCHA has several applications in the online security domain requiring to be merged with encrypted hash function benefitting from the facility of the graphical password schemes. This paper proposes engineering an authentication technique using graphical CAPTCHA with an AES encrypted hash password to maintain applicable security accessing systems. We propose three layered security system that joins highly efficient security mechanisms to avoid users’ stress of entering password many times or different other hectic routines in order to save account accessing.

2020 ◽  
Vol 3 (2) ◽  
pp. 182-186
Author(s):  
Lisnayani Silalahi ◽  
Anita Sindar

Data security and confidentiality is currently a very important issue and continues to grow. Several cases concerning data security are now a job that requires handling and security costs that are so large. To maintain the security and confidentiality of messages, data, or information so that no one can read or understand it, except for the rightful recipients, a data security system application with an encryption method using an algorithm is designed. The SHA-1 cryptographic hash function that takes input and produces a 160-bit hash value which is known as the message iteration is usually rendered as a 40-digit long hexadecimal number.


Author(s):  
Keith M. Martin

This chapter discusses cryptographic mechanisms for providing data integrity. We begin by identifying different levels of data integrity that can be provided. We then look in detail at hash functions, explaining the different security properties that they have, as well as presenting several different applications of a hash function. We then look at hash function design and illustrate this by discussing the hash function SHA-3. Next, we discuss message authentication codes (MACs), presenting a basic model and discussing basic properties. We compare two different MAC constructions, CBC-MAC and HMAC. Finally, we consider different ways of using MACs together with encryption. We focus on authenticated encryption modes, and illustrate these by describing Galois Counter mode.


2010 ◽  
Vol 23 (3) ◽  
pp. 357-366
Author(s):  
Miodrag Milic ◽  
Vojin Senk

In this paper we present results of uniform logical cryptanalysis method applied to cryptographic hash function CubeHash. During the last decade, some of the most popular cryptographic hash functions were broken. Therefore, in 2007, National Institute of Standards and Technology (NIST), announced an international competition for a new Hash Standard called SHA-3. Only 14 candidates passed first two selection rounds and CubeHash is one of them. A great effort is made in their analysis and comparison. Uniform logical cryptanalysis presents an interesting method for this purpose. Universal, adjustable to almost any cryptographic hash function, very fast and reliable, it presents a promising method in the world of cryptanalysis.


2017 ◽  
Vol 4 ◽  
pp. 82-86
Author(s):  
Dawid Górniak ◽  
Piotr Kopniak

The data is often the most valuable thing that we collect on our computers. Without proper data security with encryption our valuable information may be illegally used by an unauthorised person. The article presents selected encryption methods and hash functions available in Boucy Castle library for Java programming language. The presented analysis applies to measurement of the speed of signature generation and verification. The signatures are for 240 bit encryption algorithms. In case of a hash function, the analysis refers to the speed of such functions. The fastest encryption algorithm and hash function from the research group were AES and SHA1.


Author(s):  
Abinaya R

Password authentication is the most widely used authentication technique, for it is available at a low cost and easy to deploy. Many users usually set their passwords using familiar vocabulary for its convenience to remember. Passwords may be leaked from weak systems. Vulnerabilities are continuously being determined, and no longer all systems may be well timed patched to resist attacks, which give adversaries an opportunity to illegally access vulnerable systems. To overcome the vulnerabilities of password attacks, here propose a password authentication framework that is designed for secure password storage and could be easily integrated into existing authentication systems. In our framework, first, the received plain password from a client is hashed through a cryptographic hash function (e.g., SHA-512). Then, the hashed password is randomly shuffled to get a negative password. Finally, the negative password is encrypted into an Encrypted Negative Password using a symmetric-key algorithm RC5, to further improve security. The proposed hash function and encryption methodologies make it difficult to break passwords from ENPs. This proposed ENP system will be implemented for banking environment to improve security of password storage and transaction details.


2011 ◽  
Vol 145 ◽  
pp. 552-556 ◽  
Author(s):  
Grace C.W. Ting ◽  
Bok Min Goi ◽  
S. W. Lee

H.264/AVC is a widespread standard for high definition video (HD) for example DVD and HD videos on the internet. To prevent unauthorized modifications, video authentication can be used. In this paper, we present a cryptanalysis of a H.264/AVC video authentication scheme proposed by Saadi et al. [1] at EUSIPCO 2009. Our result will prevent situations where newer schemes are developed from the scheme thus amplifying the flaw. The designers claimed that the scheme can detect modifications on watermarked video. However, we show that an attacker can modify the watermarked video and compute a valid watermark such that the recipient will retrieve a watermark from the modified watermarked video that will match what the recipient computes during video authentication check. Thus, the recipient will think the tampered video is authentic. The first main problem of the scheme is its use of hash functions for watermark generation. Since hash functions are public functions not depending on any secret, the attacker can modify the watermarked video and feed this through the hash function to compute a new watermark. The second problem is that it is possible for the attacker to perform watermark embedding thus producing a modified watermarked video. On receiving the modified video, the recipient recomputes the watermark and compares this with the watermark extracted from the video. They will match because the embedded watermark and recomputed watermark use the same hash function based watermark generation and the same input i.e. the modified video. Our cryptanalysis strategy applies to any watermarking based video authentication scheme where the watermark and embedding are not functions of secrets. As countermeasure, the functions should be designed so that only legitimate parties can perform them. We present two improved schemes that solve this problem based on private key signing functions and message authentication functions respectively.


Author(s):  
Kannan Balasubramanian

Cryptographic Hash Functions are used to achieve a number of Security goals like Message Authentication, Message Integrity, and are also used to implement Digital Signatures (Non-repudiation), and Entity Authentication. This chapter discusses the construction of hash functions and the various attacks on the Hash functions. The Message Authentication Codes are similar to the Hash functions except that they require a key for producing the message digest or hash. Authenticated Encryption is a scheme that combines hashing and Encryption. The Various types of hash functions like one-way hash function, Collision Resistant hash function and Universal hash functions are also discussed in this chapter.


2020 ◽  
Vol 30 (13) ◽  
pp. 2050188
Author(s):  
Zhuo Liu ◽  
Yong Wang ◽  
Gongkun Jiang ◽  
Leo Yu Zhang

The inherent random-like behavior and one-way property of iteration in chaotic systems provide a good basis for designing Hash function. In the era of big data, due to the increasing data capacity in applications, fast Hash functions with parallel mode are highly desirable when authenticating data integrity. We analyze the issue of how to parallelize Hash function with iterative structure. Some security requirements on parallel Hash function are presented. In addition, using chaotic map and block cipher, we construct a keyed parallel Hash function. The message blocks are firstly processed in parallel by a DM-like structure. Furthermore, a tree mode with chaotic map is utilized to combine the outputs of the hash round function in parallel. The proposed Hash function is analyzed by theory and tested by computer simulations. The test results show that the proposed scheme can resist the various common attacks against Hash functions. It satisfies the secure performance requirements of Hash function. Owing to the usage of the parallel mode to process messages, the proposed chaos-based Hash function possess high efficiency and has high potential in applications to guarantee data integrity on a parallel computing platform.


2014 ◽  
Vol 630 ◽  
pp. 99-108
Author(s):  
Andrzej Korczak ◽  
Grzegorz Peczkis ◽  
Tomasz Synowiec ◽  
Ievgenii Altyntsev

This paper presents new construction of a submersible pump which is highly efficient due to the new solutions for flow channels. It includes the results of laboratory tests of the pump of the new construction. It also presents the results of numerical calculations of liquid’s movement in the flow channels of the pump, comparison of computing characteristics and characteristics measured in the laboratory.and an analysis of the essential parameters of the pump’s work which transgression could become a danger for the pump. In case of the danger the security system turns off the engine temporally or permanently.


Sign in / Sign up

Export Citation Format

Share Document