Security Design Pattern for Login System through Authentication using Modified Sha-384 Algorithm

The research has been carried out to develop secure login system by authenticating the login using modified SHA-384 algorithm. It derives 896-bit hash value for the password entered by the user in the user registration form and saves the credentials entered by the user in system’s database. Results obtained are evaluated by resolving the general attacks confirmed that the modified SHA-384 algorithm was more secured compared to the original SHA-384 algorithm as it was not broken using generic attacks such as brute force, rainbow table and other cracking tools available online such as Cain and Abel. The performance of the modified algorithm was measured with only 2 ms additional execution time from SHA-384.

Execution of Password Authentication Encrypted Negative Password using MD5

Hypothetical Secure mystery express accumulating is a crucial perspective in systems considering secret expression affirmation, which is at this point the most extensively used approval method, disregarding its some security abandons. In this paper, we propose a mysterious key affirmation structure that is expected for secure mystery key storing and could be adequately organized into existing approval systems. In our construction, first, they got plain mystery word from a client is worked out a cryptographic hash work (e.g., SHA-256). By then, the hashed secret expression is changed over into a negative mystery state. Finally, the negative mystery key is encoded into an Encrypted Negative Password (contracted as ENP) using a symmetric-key computation (e.g., AES), and multi activity encryption could be used to furthermore improve security. The cryptographic hash work and symmetric encryption make it difficult to break passwords from ENPs. Furthermore, there are lots of relating ENPs for ensured plain mystery word, which makes pre-computation attacks (e.g., question table attack and rainbow table attack) infeasible. The count multifaceted nature examinations and relationships show that the ENP could go against inquiry table attack and give more grounded secret word security under word reference attack. It merits referring to that the ENP doesn't present extra segments (e.g., salt); other than this, the ENP could regardless face precomputation attacks. Most importantly, the ENP is the primary mystery state confirmation plot that joins the cryptographic hash work, the negative mystery key and the symmetric-key computation, without the necessity for additional information.

Password Substantiation with Negative Password Encryption

Secure secret password storage is an essential perspective in frameworks dependent on secret phrase Substantiation method, which is as yet the most broadly utilized Substantiation confirmation procedure, in spite of its some security imperfections. In this paper, a secret key Substantiation architecture structure is implemented that is intended for secure secret password storage and could be effectively incorporated into existing authentication frameworks. In this framework first the plain password which is received from the customer is given to cryptographic hash component for SHA-256 cryptographic process. After this, the hashed secret password is changed over into a negative secret password phrase. At last, the negative password is encoded/encrypted into an Encrypted Negative Password (ENP) utilizing a symmetric-key computation using for example, AES, and additionally to improve security, multi-repeated encryption could be utilized. The cryptographic hash function and symmetric encryption make it hard to break passwords from ENPs. Also, it provides lots of comparing ENPs for a given plain password, which makes pre-calculation intrusions (e.g., and rainbow table intrusion and query table attacks) infeasible. The complex calculations and comparisons of the algorithm provide good resistance towards intrusions and also provide stronger password protection. The proposed and implemented mechanism for Password Substantiation with Negative Password Encryption is a good secured password protection mechanism that merges cryptographic hash function, the negative password and the symmetric-key algorithm, without the requirement for extra data from the plain password.

KESADARAN AKAN KEAMANAN PENGGUNAAN USERNAME DAN PASSWORD

Mekanisme kontrol yang paling umum untuk mengotentikasi pengguna sistem informasi terkomputerisasi adalah penggunaan password. Tulisan ini membahas kesenjangan dalam mengevaluasi karakteristik dari password yang digunakan kehidupan dalam nyata dan menyajikan hasil studi empiris pada penggunaan password dan resiko serangan dari hacker menggunakan berbagai metode (key logger, phising, shoulder surfing, dictionary, rainbow table). Penelitian ini memberikan manfaat bagi masyarakat mengenai tentang bagaimana seorang hacker dapat dengan mudah memprediksi dan mungkin meretas password. Studi ini memungkinkan pengguna untuk menjadi lebih waspada pada saat menggunakan web online dan layanan cloud yang melakukan berdasarkan password dan username.

Using Improved d-HMAC for Password Storage

Password storage is one of the most important cryptographic topics through the time. Different systems use distinct ways of password storage. In this paper, we developed a new algorithm of password storage using dynamic Key-Hashed Message Authentication Code function (d-HMAC). The developed improved algorithm is resistant to the dictionary attack and brute-force attack, as well as to the rainbow table attack. This objective is achieved by using dynamic values of dynamic inner padding d-ipad, dynamic outer padding d-opad and user’s public key as a seed.