AUTHENTICATION BY ENCRYPTED NEGATIVE PASSWORD
Main Article Content
Abstract
Its about securing the passwords and making the system more secured from
intruders. Secure password storage is a vital aspect in systems based on password authentication,
which is still the most widely used authentication technique, despite its some security flaws.
Most e-commerce sites, consumers have the responsibility of creating their own passwords and
often do so without guidance from the web site or system administrator. One fact is well known
about password creation—consumers do not create long or complicated passwords because they
cannot remember them. Most of the e-commerce sites uses the method where in the passwords
are just encrypted and are not secured properly. In our project, we propose a password
authentication framework that is designed for secure password. In our framework, first the
received plain password from a client is hashed through a cryptographic hash function (Script
and PBKDF2.)Then, the hashed password is converted into a negative password. Finally, the
negative password is encrypted into an Encrypted Negative Password(ENP)(The cryptographic
hash function and symmetric encryption make it difficult to crack passwords from ENPs.
Moreover, there are lots of corresponding ENPs for a given plain password, which makes pre
computation attacks (e.g., Brute Force Attack , Rainbow table attack and Dictionary attack)
infeasible ENP) using a symmetric-key algorithm (e.g., AES), and multi-iteration encryption
could be employed to further improve security.
Downloads
Metrics
Article Details
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
