dictionary attacks
Recently Published Documents


Total documents: 59 (five years: 12)

H-index: 13 (five years: 1)

Author(s):  
Anchal Goyal ◽  
Deepinder Kaur

In this dissertation a PicPass algorithm is proposed for the solution of the Key Exchange problem using Symmetric and Asymmetric key cryptography. Diffie and Hellman proposed an algorithm for key exchange, but this algorithm suffers from the man-in-the-middle attack. To overcome this problem, Seo proposed another algorithm that uses a text password for the agreement between two parties. But again the password suffers from offline dictionary attack. In this, a PicPass Protocol, i.e. a picture, is used as a password to make an agreement between two parties. The protocol contains two functions, i.e. a picture function as well as a distortion function, used to make the picture a compact size, and then it is sent to the receiver. Firstly the sender encrypts the Plain Text using the Secret Picture and creates the Cipher Text using Symmetric key cryptography. Then the Secret Picture will be encrypted by the covered picture, resulting in the Encrypted Picture. Now the Cipher Text and Encrypted Picture will be placed into a digital envelope and then the envelope will be sent to the receiver. The receiver will receive the digital envelope, open it and then decrypt the Encrypted Picture using his Key Picture. This will result in the receiver getting the Secret Picture. Now the receiver will open the Cipher Text using the Secret Picture and get the Plain Text. In between, if any person wants to predict the Encrypted Picture then he cannot guess it, as the picture will only be decrypted using the Secret Key, which will be only with the receiver. So in this dissertation, a picture is used as a password to authenticate key exchange, which gives a practical solution against offline dictionary attacks only by using both private and public key cryptography.


2021 ◽  
Vol 21 (4) ◽  
pp. 119-136
Author(s):  
M. Hena ◽  
N. Jeyanthi

Apache Hadoop answers the quest of handling Big Data for most organizations. It offers distributed storage and data analysis via the Hadoop Distributed File System (HDFS) and Map-Reduce frameworks. Hadoop depends on third-party security providers like Kerberos for its security requirements. Kerberos by itself comes with many security loopholes like Single point of Failure (SoF), Dictionary Attacks, Time Synchronization and Insider Attacks. This paper suggests a solution that aims to eradicate the security issues in the Hadoop Cluster with a focus on Dictionary Attacks and Single Point of Failure. The scheme is rooted in the Secure Remote Password Protocol, Blockchain Technology and Threshold Cryptography. The Practical Byzantine Fault Tolerance mechanism (PBFT) is deployed at the blockchain as the consensus mechanism. The proposed scheme outperforms many of the existing schemes in terms of computational overhead and storage requirements without compromising the security level offered by the system. Riverbed Modeller (AE) Simulation results strengthen the aforesaid claims.


2021 ◽  
Vol 10 (3) ◽  
Author(s):  
Rohan Patra ◽  
Sandip Patra

Recently, there has been a rise in impactful data breaches releasing billions of people’s online accounts and financial data into the public domain. The result is an increased importance of effective cybersecurity measures, especially regarding the storage of user passwords. Strong password storage security means that an actor cannot use the passwords in vectors such as credential-stuffing attacks despite having access to breached data. It will also limit user exposure to threats such as unauthorized account charges or account takeovers. This research evaluates the effectiveness of different password storage techniques. The storage techniques to be tested are: BCRYPT Hashing, SHA-256 Hashing, SHA-256 with Salt, and SHA-256 with MD5 Chaining. Following the National Institute of Standards and Technology (NIST) guidelines on password strength, both a weak and a robust password will be passed through the stated techniques. Reversal of each of the results will be attempted using Rainbow Tables and dictionary attacks. The study results show that pairing a strong password that has not been exposed in a data breach with the BCRYPT hashing algorithm results in the most robust password security. However, SHA-256 hashing with a salt results in a very similar level of security while maintaining better performance. While plain SHA-256 hashing or chaining multiple hashing algorithms together is theoretically as secure, in practice, they are easily susceptible to simple attacks and thus should not be used in a production environment. Requiring strong passwords which have not been exposed in previous data breaches was also found to greatly increase security.


2021 ◽  
Vol 9 (08) ◽  
pp. 515-523
Author(s):  
Pranav Kapoor ◽  
Pratham Agrawal ◽  
Aju D. ◽  
...  

To guard ourselves against a word attack or a breach, it is always important to have an awareness of the unremarkably used sorts of attacks. The most common type of attack is password guessing. Hackers can guess the passwords locally or remotely, either manually or through an automated approach. One such attack is the Dictionary Attack. A dictionary attack tries to make an authentication mechanism fail by sequentially entering each word in a dictionary as a password or trying to find the decryption key of an encrypted message or document. In this paper, empirical research on how a dictionary attack works is performed. In addition to that, different techniques and approaches to the existing dictionary attacks are implemented to make the system more robust. Furthermore, a comparison of methods is performed to find which approach is better to protect the system.


2020 ◽  
Vol 17 (6) ◽  
pp. 2669-2673
Author(s):  
Minakshi Kamboj ◽  
Sanjeev Rana

Flexibility, acceptance of hire of Cloud Computing, and control facilities originate a number of challenges. In precise, safety has been widely conveyed to create the key issues which stop movement to the cloud. Shamir’s Secret Sharing Scheme splits the secret message into n shares with threshold k and distributes the shares to n participants, and each participant has a unique share of the secret message. For reconstructing the secret message, a minimum of k fragments is required. A threshold scheme which requires only k shares to reconstruct the secret message is implemented, as collection of shares from all the n participants to reconstruct the secret message may be unfeasible. AES encryption turns out to be totally inappropriate if a password is used as an alternative of providing the key. The attacker finds the file, downloads AxCrypt, and brute-force/dictionary attacks it until it’s cracked. Additional security can be provided to a user password of varying length by splitting the password into n shares. The Advanced Encryption Standard (AES) procedure is implemented to encipher the produced shares. AES with a 256-bit key is applied to encode the share for every member. A covering arrangement alternative to Boolean masking established on Shamir’s Secret Sharing arrangement is suggested.


2019 ◽  
Vol 9 (5) ◽  
pp. 4808-4812
Author(s):  
S. Hamid ◽  
N. Z. Bawany ◽  
S. Khan

Text-based passwords are widely used for the authentication of digital assets. Typically, password security and usability is a trade-off, i.e. easy-to-remember passwords have higher usability that makes them vulnerable to brute-force and dictionary attacks. Complex passwords have stronger security but poor usability. In order to strengthen the security in conjunction with the improved usability, we hereby propose a novel graphical authentication system. This system is a picture-based password scheme which comprises the method of image splicing. Authentication data were collected from 33 different users. The usability of the method was evaluated via a comparison between the number of correct and incorrect authentication attempts and time taken. Additionally, a comparison was made between our proposed method and a complex text-based password authentication method using the authentication success rate. Authentication using image splicing proved to be resilient to brute-force attacks since the processing of images consumes a voluminous password space. The evaluation of the usability revealed that graphical passwords were easy to remember, resulting in a higher number of correct attempts. The proposed method produced a 50% higher success rate compared to the text-based method. Findings motivate the use of the proposed method for securing digital assets.


Author(s):  
Mirko Marras ◽  
Paweł Korus ◽  
Nasir Memon ◽  
Gianni Fenu

The use and implementation of biometrics for identification and authentication has become more important in the past decade. This is because there has been an increased risk associated with textual passwords such as dictionary attacks, eavesdropping, shoulder surfing etc. We have worked on palm vein recognition for detecting palm veins in applications for biometric security using near-infrared absorption phenomena. The goal is to produce a software prototype that is capable of identifying a person by the vein structures of the hand. The images used for the same were taken from the CASIA-MS-PalmprintV1 database collected by the Chinese Academy of Sciences' Institute of Automation (CASIA). After pre-processing, LDR and DCT have been used for feature extraction and Euclidean distance is calculated for generating a matching score. Acceptance/rejection is based on this matching score. The efficiency obtained was 93.2% when compared with other systems.

