Two factor authentication using Visual Cryptography and Digital Envelope in Kerberos

Abstract

Impersonation is the obvious security risk in an undefended distributed network. An adversary pretends to be a client and can have illicit access to the server. To counter this threat, user authentication is used which is treated as the first line of defense in a networked environment. The most popular and widely used authentication protocol is Kerberos. Kerberos is the de facto standard, used to authenticate users mutually by the use of trusted third party. But this strong protocol is vulnerable to various security attacks. This paper gives an overview of Kerberos protocol and its existing security problems. To enhance security and combat security attacks, it also describes a novel approach of incorporating the features of Visual Cryptography and Digital Envelope into Kerberos. Using Visual cryptography, we have added one more layer of security by considering a secret share as one of the factor of providing mutual authentication. While the session key is securely distributed by using the concept of Digital envelope in which user's private key is considered as another factor of authentication. Thus, our proposed scheme makes the Kerberos protocol highly robust, secure and efficient.