Password Substantiation with Negative Password Encryption

Secure secret password storage is an essential perspective in frameworks dependent on secret phrase Substantiation method, which is as yet the most broadly utilized Substantiation confirmation procedure, in spite of its some security imperfections. In this paper, a secret key Substantiation architecture structure is implemented that is intended for secure secret password storage and could be effectively incorporated into existing authentication frameworks. In this framework first the plain password which is received from the customer is given to cryptographic hash component for SHA-256 cryptographic process. After this, the hashed secret password is changed over into a negative secret password phrase. At last, the negative password is encoded/encrypted into an Encrypted Negative Password (ENP) utilizing a symmetric-key computation using for example, AES, and additionally to improve security, multi-repeated encryption could be utilized. The cryptographic hash function and symmetric encryption make it hard to break passwords from ENPs. Also, it provides lots of comparing ENPs for a given plain password, which makes pre-calculation intrusions (e.g., and rainbow table intrusion and query table attacks) infeasible. The complex calculations and comparisons of the algorithm provide good resistance towards intrusions and also provide stronger password protection. The proposed and implemented mechanism for Password Substantiation with Negative Password Encryption is a good secured password protection mechanism that merges cryptographic hash function, the negative password and the symmetric-key algorithm, without the requirement for extra data from the plain password.

Download Full-text

Secure Banking Transaction using Encryption Based Negative Password Scheme

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit206475 ◽

2020 ◽

pp. 402-410

Author(s):

Abinaya R

Keyword(s):

Hash Function ◽

Low Cost ◽

Password Authentication ◽

Cryptographic Hash Function ◽

Symmetric Key ◽

Authentication Technique

Password authentication is the most widely used authentication technique, for it is available at a low cost and easy to deploy. Many users usually set their passwords using familiar vocabulary for its convenience to remember. Passwords may be leaked from weak systems. Vulnerabilities are continuously being determined, and no longer all systems may be well timed patched to resist attacks, which give adversaries an opportunity to illegally access vulnerable systems. To overcome the vulnerabilities of password attacks, here propose a password authentication framework that is designed for secure password storage and could be easily integrated into existing authentication systems. In our framework, first, the received plain password from a client is hashed through a cryptographic hash function (e.g., SHA-512). Then, the hashed password is randomly shuffled to get a negative password. Finally, the negative password is encrypted into an Encrypted Negative Password using a symmetric-key algorithm RC5, to further improve security. The proposed hash function and encryption methodologies make it difficult to break passwords from ENPs. This proposed ENP system will be implemented for banking environment to improve security of password storage and transaction details.

Download Full-text

Secure Login System using MD5 and AES Attribute Based Encryption Algorithm

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.h6509.069820 ◽

2020 ◽

Vol 9 (8) ◽

pp. 810-814

Keyword(s):

Exchange Process ◽

Encryption Algorithm ◽

Symmetric Encryption ◽

Secret Key ◽

Aes Algorithm ◽

Attribute Based Encryption ◽

Financial Framework ◽

Third Person ◽

Message Digest ◽

Symmetric Key

The cryptographic hash work and symmetric encryption make it hard to break Passwords. Secure secret word stockpiling is a crucial perspective in framework dependent on secret word verification, which is as yet the most broadly utilized confirmation system, notwithstanding its some security imperfections. So basically, this work is based on providing security to the systems. Right now, propose a secret word verification structure that is intended for secure secret word stockpiling and could be effectively coordinated into existing confirmation frameworks. In our system, first, the got plain secret key from a customer is worked out a cryptographic hash work. At that point; the hashed secret word is changed over into a negative secret word. At last, the negative secret word is encoded into an Encrypted Negative Password (ENP) utilizing a symmetric-key calculation, and multi-emphasis encryption could be utilized to additionally improve security. The cryptographic hash work and symmetric encryption make it hard to split passwords from ENPs.We are going to use message digest i.e MD5 and AES algorithm for this purpose. Besides, there are loads of comparing ENPs for a given plain secret key, which makes precomputation assaults infeasible. The calculation multifaceted nature investigations and examinations show that the ENP could oppose query table assault and give more grounded secret word insurance under lexicon assault. It merits referencing that the ENP doesn't present additional components other than this, the ENP could in any case oppose precomputation assaults. We are giving shading coding framework just as key logger idea secret key reason. This shading code framework is hard to break to third person. In key lumberjack the keypad of framework is mix, each time it will change the grouping of catches of 0-9 numbers,subsequent to logging the client one otp will send to client email just as the key squence of the keypad will send on client email. By utilizing this otp and key grouping client will login to framework and it will do the further exchange process. This framework will valuable in future for any financial framework or any verification reason will be utilized.

Download Full-text

Password protection in IT systems

Bulletin of the Military University of Technology ◽

10.5604/01.3001.0011.8036 ◽

2018 ◽

Vol 67 (1) ◽

pp. 73-92 ◽

Cited By ~ 4

Author(s):

Przemysław Rodwald ◽

Bartosz Biernacik

Keyword(s):

Computer Security ◽

Hash Function ◽

Password Authentication ◽

Cryptographic Hash Function ◽

It Systems ◽

Password Protection ◽

Pros And Cons

The aim of the article is to systematise the methods of securing static passwords stored in IT systems. Pros and cons of those methods are presented and conclusions as a recommendation for IT system designers are proposed. At the beginning, the concept of cryptographic hash function is presented, following discussion of methods of storing passwords showing their evolution and susceptibility to modern attacks. Results of research on masked passwords of Polish banks IT systems are presented, as well as the most interesting examples of adaptive password functions are given. Then, the systematisation of password protection methods was carried out. Finally, the directions for further research are indicated. Keywords: computer security, password, authentication, hash function

Download Full-text

Implementing the Secure Protocol for Exchanging the Symmetric Key of FPGA-based Embedded Systems

Research and Development on Information and Communication Technology ◽

10.32913/mic-ict-research.v3.n11.301 ◽

2014 ◽

pp. 45

Author(s):

Tran Thanh ◽

Tran Hoang Vu ◽

Nguyen Van Cuong ◽

Pham Ngoc Nam

Keyword(s):

Encryption Algorithm ◽

Prototype System ◽

Symmetric Encryption ◽

Secret Key ◽

Data Confidentiality ◽

Public Network ◽

Secure Protocol ◽

Symmetric Key ◽

Asymmetric Encryption ◽

Pass Through

Cryptographic solution for protecting data which pass through an insecure public network is widely applied. To ensure the data confidentiality and availability, the secret key must be exchanged securely between parties before beginning a transaction session. This paper presents a protocol to enhance the flexibility and secrecy of symmetric key exchange over the Internet. Our approach uses an asymmetric encryption algorithm to protect symmetric encryption keys from thefts and tampers over a transmission line. In addition, this paper presents a protocol to ensure the integrity, confidentiality of the symmetric key, and the freshness of a transaction session. Experimental results from a prototype system based on FPGA are also revealed.

Download Full-text

Execution of Password Authentication Encrypted Negative Password using MD5

International Journal of Science and Management Studies (IJSMS) ◽

10.51386/25815946/ijsms-v4i2p106 ◽

2021 ◽

pp. 44-48

Author(s):

M. Sridharan ◽

L. Karthika

Keyword(s):

Symmetric Encryption ◽

Password Authentication ◽

Additional Information ◽

Rainbow Table ◽

Symmetric Key

Hypothetical Secure mystery express accumulating is a crucial perspective in systems considering secret expression affirmation, which is at this point the most extensively used approval method, disregarding its some security abandons. In this paper, we propose a mysterious key affirmation structure that is expected for secure mystery key storing and could be adequately organized into existing approval systems. In our construction, first, they got plain mystery word from a client is worked out a cryptographic hash work (e.g., SHA-256). By then, the hashed secret expression is changed over into a negative mystery state. Finally, the negative mystery key is encoded into an Encrypted Negative Password (contracted as ENP) using a symmetric-key computation (e.g., AES), and multi activity encryption could be used to furthermore improve security. The cryptographic hash work and symmetric encryption make it difficult to break passwords from ENPs. Furthermore, there are lots of relating ENPs for ensured plain mystery word, which makes pre-computation attacks (e.g., question table attack and rainbow table attack) infeasible. The count multifaceted nature examinations and relationships show that the ENP could go against inquiry table attack and give more grounded secret word security under word reference attack. It merits referring to that the ENP doesn't present extra segments (e.g., salt); other than this, the ENP could regardless face precomputation attacks. Most importantly, the ENP is the primary mystery state confirmation plot that joins the cryptographic hash work, the negative mystery key and the symmetric-key computation, without the necessity for additional information.

Download Full-text

A CHAOS-BASED CRYPTOGRAPHIC HASH FUNCTION FOR MESSAGE AUTHENTICATION

International Journal of Bifurcation and Chaos ◽

10.1142/s0218127405014489 ◽

2005 ◽

Vol 15 (12) ◽

pp. 4043-4050 ◽

Cited By ~ 33

Author(s):

H. S. KWOK ◽

WALLACE K. S. TANG

Keyword(s):

Hash Function ◽

Initial Conditions ◽

Chaotic Map ◽

High Sensitivity ◽

Message Authentication ◽

Arbitrary Length ◽

Cryptographic Hash Function ◽

Message Digest ◽

Symmetric Key ◽

Sensitivity To Initial Conditions

In this paper, a chaos-based cryptographic hash function is proposed for message authentication where a fixed length message digest can be generated from any messages with arbitrary length. The compression function in-use is developed according to the diffusion and confusion properties of a novel high-dimensional discrete chaotic map. A symmetric key structure can also be easily embedded based on the high sensitivity to initial conditions and system parameters of the map. As demonstrated in experiments, the throughput of the proposed scheme is about 1.5 times of that with MD5, and the hash value appears randomly without any correlation with the message or the key.

Download Full-text

Penerapan Kriptografi Keamanan Data Administrasi Kependudukan Desa Pagar Jati Menggunakan SHA-1

Jurnal Nasional Komputasi dan Teknologi Informasi (JNKTI) ◽

10.32672/jnkti.v3i2.2413 ◽

2020 ◽

Vol 3 (2) ◽

pp. 182-186

Author(s):

Lisnayani Silalahi ◽

Anita Sindar

Keyword(s):

System Application ◽

Data Security ◽

Hash Function ◽

Security System ◽

Cryptographic Hash Function ◽

Security Costs ◽

Encryption Method

Data security and confidentiality is currently a very important issue and continues to grow. Several cases concerning data security are now a job that requires handling and security costs that are so large. To maintain the security and confidentiality of messages, data, or information so that no one can read or understand it, except for the rightful recipients, a data security system application with an encryption method using an algorithm is designed. The SHA-1 cryptographic hash function that takes input and produces a 160-bit hash value which is known as the message iteration is usually rendered as a 40-digit long hexadecimal number.

Download Full-text