Open Access   Article Go Back

Design and Implementation of Encrypted Negative Password

Manasa N1 , reethi P2 , akshitha R3 , Jyothi V4 , Lakshmikantha S5

Section:Survey Paper, Product Type: Journal Paper
Volume-07 , Issue-15 , Page no. 111-115, May-2019

CrossRef-DOI:   https://doi.org/10.26438/ijcse/v7si15.111115

Online published on May 16, 2019

Copyright © Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

View this paper at   Google Scholar | DPI Digital Library

XML View
PDF Download

How to Cite this Paper

  • IEEE Citation
  • MLA Citation
  • APA Citation
  • BibTex Citation
  • RIS Citation

IEEE Style Citation: Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S, “Design and Implementation of Encrypted Negative Password,” International Journal of Computer Sciences and Engineering, Vol.07, Issue.15, pp.111-115, 2019.

MLA Style Citation: Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S "Design and Implementation of Encrypted Negative Password." International Journal of Computer Sciences and Engineering 07.15 (2019): 111-115.

APA Style Citation: Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S, (2019). Design and Implementation of Encrypted Negative Password. International Journal of Computer Sciences and Engineering, 07(15), 111-115.

BibTex Style Citation:
@article{N_2019,
author = {Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S},
title = {Design and Implementation of Encrypted Negative Password},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {5 2019},
volume = {07},
Issue = {15},
month = {5},
year = {2019},
issn = {2347-2693},
pages = {111-115},
url = {https://www.ijcseonline.org/full_spl_paper_view.php?paper_id=1210},
doi = {https://doi.org/10.26438/ijcse/v7i15.111115}
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v7i15.111115}
UR - https://www.ijcseonline.org/full_spl_paper_view.php?paper_id=1210
TI - Design and Implementation of Encrypted Negative Password
T2 - International Journal of Computer Sciences and Engineering
AU - Manasa N, Preethi P, Rakshitha R, Jyothi V, Lakshmikantha S
PY - 2019
DA - 2019/05/16
PB - IJCSE, Indore, INDIA
SP - 111-115
IS - 15
VL - 07
SN - 2347-2693
ER -

           

Abstract

Secure password storage is the essential feature in system based on password verification, which is most broadly used verification technique, despite its some security weakness. In this paper, a password authentication scheme that is designed for secure password storage and could be easily consolidated into present authentication systems. In this framework the client enters the plain password which is hashed through the cryptographic hash function such as SHA-256. This hash function isthen converted into negative password. Finally using a symmetric-key algorithm such as Advanced Encryption Standard the negative password is encrypted into an ENP(Encrypted Negative Password).So this method makes it difficult for the intruder to crack the password. ENP method overcomes pre computation attacks.ENP does not provide extra elements such as salt which is one of useful advantage.ENP is the first password protection scheme which integrates cryptographic hash function, the negative password and the symmetric-key algorithm in a successful way.

Key-Words / Index Term

Authentication, negative database, symmetric key algorithm

References

[1] J. Bonneau, C. Herley, P. C. van Oorschot, and F. Stajano, “Passwords and the evolution of imperfect authentication,” Communications of the ACM, vol. 58, no. 7, pp. 78–87, Jun. 2015.
[2] M. A. S. Gokhale and V. S. Waghmare, “The shoulder surfing resistant graphical password authentication technique,” Procedia Computer Science, vol. 79, pp. 490–498, 2016.
[3] J. Ma, W. Yang, M. Luo, and N. Li, “A study of probabilistic password models,” in Proceedings of 2014 IEEE Symposium on Security and Privacy, May 2014, pp. 689–704.
[4] A. Adams and M. A. Sasse, “Users are not the enemy,” Communications of the ACM, vol. 42, no. 12, pp. 40–46, Dec. 1999.
[5] E. H. Spafford, “Opus: Preventing weak password choices,” Computers & Security, vol. 11, no. 3, pp. 273–278, 1992.
[6] Y. Li, H. Wang, and K. Sun, “Personal information in passwords and its security implications,” IEEE Transactions on Information Forensics and Security, vol. 12, no. 10, pp. 2320–2333, Oct. 2017.
[7] D. Florencio and C. Herley, “A large-scale study of web password habits,” in Proceedings of the 16th International Conference on World Wide Web. ACM, 2007, pp. 657–666.
[8] R. Shay, S. Komanduri, A. L. Durity, P. S. Huh, M. L. Mazurek, S. M. Segreti, B. Ur, L. Bauer, N. Christin, and L. F. Cranor, “Designing password policies for strength and usability,” ACM Transactions on Information and System Security, vol. 18, no. 4, pp. 13:1–13:34, May 2016.
[9] D. Wang, D. He, H. Cheng, and P. Wang, “fuzzyPSM: A new password strength meter using fuzzy probabilistic context-free grammars,” in Proceedings of 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Jun. 2016, pp. 595–606.
[10] H. M. Sun, Y. H. Chen, and Y. H. Lin, “oPass: A user authentication protocol resistant to password stealing and password reuse attacks,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 2, pp. 651–663, Apr. 2012.
[11] M. Zviran and W. J. Haga, “Password security: An empirical study,” Journal of Management Information Systems, vol. 15, no. 4, pp. 161– 185, 1999.
[12] P. Andriotis, T. Tryfonas, and G. Oikonomou, “Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method,” in Proceedings of Human Aspects of Information Security, Privacy, and Trust. Springer International Publishing, 2014, pp. 115– 126.
[13] D. P. Jablon, “Strong password-only authenticated key exchange,” SIGCOMM Computer Communication Review, vol. 26, no. 5, pp. 5–26, Oct. 1996.
[14] J. Jose, T. T. Tomy, V. Karunakaran, A. K. V, A. Varkey, and N. C. A., “Securing passwords from dictionary attack with character-tree,” in Proceedings of 2016 International Conference on Wireless Communications, Signal Processing and Networking, Mar. 2016, pp. 2301–2307.
[15] A. Arora, A. Nandkumar, and R. Telang, “Does information security attack frequency increase with vulnerability disclosure? an empirical analysis,” Information Systems Frontiers, vol. 8, no. 5, pp. 350–362, Dec. 2006.
[16] R. Song, “Advanced smart card based password authentication protocol,” Computer Standards & Interfaces, vol. 32, no. 5, pp. 321–325, 2010.
[17] M. C. Ah Kioon, Z. S. Wang, and S. Deb Das, “Security analysis of MD5 algorithm in password storage,” in Proceedings of Instruments, Measurement, Electronics and Information Engineering. Trans Tech Publications, Oct. 2013, pp. 2706–2711.
[18] P. Oechslin, “Making a faster cryptanalytic time-memory trade-off,” in Proceedings of Advances in Cryptology - CRYPTO 2003. Springer Berlin Heidelberg, 2003, pp. 617–630.
[19] S. Noel, M. Elder, S. Jajodia, P. Kalapa, S. O’Hare, and K. Prole, “Advances in topological vulnerability analysis,” in Proceedings of 2009 Cybersecurity Applications Technology Conference for Homeland Security, Mar. 2009, pp. 124–129.