{"title":"Secure authentication protocols to resist off-line attacks on authentication data table","authors":"Vinod Ramesh Falmari, B. M.","doi":"10.3233/jcs-210171","DOIUrl":null,"url":null,"abstract":"In text-based authentication, the passwords along with user names are maintained in the Authentication Data Table (ADT). It is necessary to preserve the privacy of passwords in ADT to avoid offline attacks like brute force attacks, lookup table attacks, etc. In this paper, three password protection schemes, namely Encrypted Image Password (EIP), Dynamic Authentication Data Table (D-ADT), and Extended Encrypted Image Password (EEIP) are proposed for secure authentication. In EIP, the input passwords are first converted to hashed passwords and then transformed into images. Next, these image passwords are encrypted using a novel image password encryption system using chaos functions and confusion-diffusion mechanisms. In D-ADT, the hashed passwords are encrypted using a random key. The major highlight of this scheme is that during every log, the hashed password is encrypted with a new random key while keeping the plain password same as it is. So, during each login of the user, the old encrypted password is replaced with a new encrypted password in the authentication data table. The EEIP scheme combines both approaches. Passwords are converted to images and image passwords are encrypted with the new random key at every login. Performance and security analysis are carried out for the proposed algorithm concerning correlation analysis, differential analysis, entropy analysis, computation time, keyspace, and offline attack analysis.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":"7 1","pages":""},"PeriodicalIF":0.9000,"publicationDate":"2023-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/jcs-210171","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
In text-based authentication, the passwords along with user names are maintained in the Authentication Data Table (ADT). It is necessary to preserve the privacy of passwords in ADT to avoid offline attacks like brute force attacks, lookup table attacks, etc. In this paper, three password protection schemes, namely Encrypted Image Password (EIP), Dynamic Authentication Data Table (D-ADT), and Extended Encrypted Image Password (EEIP) are proposed for secure authentication. In EIP, the input passwords are first converted to hashed passwords and then transformed into images. Next, these image passwords are encrypted using a novel image password encryption system using chaos functions and confusion-diffusion mechanisms. In D-ADT, the hashed passwords are encrypted using a random key. The major highlight of this scheme is that during every log, the hashed password is encrypted with a new random key while keeping the plain password same as it is. So, during each login of the user, the old encrypted password is replaced with a new encrypted password in the authentication data table. The EEIP scheme combines both approaches. Passwords are converted to images and image passwords are encrypted with the new random key at every login. Performance and security analysis are carried out for the proposed algorithm concerning correlation analysis, differential analysis, entropy analysis, computation time, keyspace, and offline attack analysis.
在基于文本的身份验证中,密码和用户名都保存在身份验证数据表(authentication Data Table, ADT)中。ADT中有必要保护密码的隐私性,以避免暴力破解攻击、查找表攻击等离线攻击。本文提出了加密图像密码(EIP)、动态认证数据表(D-ADT)和扩展加密图像密码(EEIP)三种密码保护方案,用于安全认证。在EIP中,首先将输入密码转换为散列密码,然后将其转换为图像。接下来,使用使用混沌函数和混淆扩散机制的新型图像密码加密系统对这些图像密码进行加密。在D-ADT中,散列密码使用随机密钥进行加密。该方案的主要亮点是,在每次日志期间,散列密码都使用新的随机密钥进行加密,同时保持普通密码不变。因此,在用户每次登录期间,身份验证数据表中的旧加密密码将被替换为新的加密密码。EEIP方案结合了这两种方法。密码被转换为图像,图像密码在每次登录时都用新的随机密钥加密。从相关分析、差分分析、熵分析、计算时间、键空间和离线攻击分析等方面对所提出的算法进行了性能和安全性分析。
期刊介绍:
The Journal of Computer Security presents research and development results of lasting significance in the theory, design, implementation, analysis, and application of secure computer systems and networks. It will also provide a forum for ideas about the meaning and implications of security and privacy, particularly those with important consequences for the technical community. The Journal provides an opportunity to publish articles of greater depth and length than is possible in the proceedings of various existing conferences, while addressing an audience of researchers in computer security who can be assumed to have a more specialized background than the readership of other archival publications.