CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Secure Password Sharing and Storage using Encryption and Key-Exchange

by Joseph Okwedo Mwamba, Andrew Mwaura Kahonge
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 183 - Number 35
Year of Publication: 2021
Authors: Joseph Okwedo Mwamba, Andrew Mwaura Kahonge
10.5120/ijca2021921733

Joseph Okwedo Mwamba, Andrew Mwaura Kahonge . Secure Password Sharing and Storage using Encryption and Key-Exchange. International Journal of Computer Applications. 183, 35 ( Nov 2021), 26-34. DOI=10.5120/ijca2021921733

@article{ 10.5120/ijca2021921733,
author = { Joseph Okwedo Mwamba, Andrew Mwaura Kahonge },
title = { Secure Password Sharing and Storage using Encryption and Key-Exchange },
journal = { International Journal of Computer Applications },
issue_date = { Nov 2021 },
volume = { 183 },
number = { 35 },
month = { Nov },
year = { 2021 },
issn = { 0975-8887 },
pages = { 26-34 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume183/number35/32157-2021921733/ },
doi = { 10.5120/ijca2021921733 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-07T01:18:45.879413+05:30
%A Joseph Okwedo Mwamba
%A Andrew Mwaura Kahonge
%T Secure Password Sharing and Storage using Encryption and Key-Exchange
%J International Journal of Computer Applications
%@ 0975-8887
%V 183
%N 35
%P 26-34
%D 2021
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Based on security best practices for passwords, the credential is a confidential pin for authenticating system users. Still, there are instances where users share a common password for resources. Credentials sharing necessitates the passing of sensitive private information between individuals, thus creating a litter of sensitive data across email boxes and other forms of communication.Information security experts recommend using password management applications to mitigate security vulnerabilities resulting from the transmission of passwords from one person to another. On the contrary, there have been researched studies revealing vulnerabilities in password management applications. The main objective of the research was to develop a process model for password sharing using asymmetric cryptography. Also, part of the objectives was to build and test a prototype that facilitates the secure sharing of passwords over the internet using the redefined process model.The research was an exploratory study consisting of system development and focus group discussion. The result was a prototype that facilitated the secure sharing of passwords over the internet using asymmetric cryptography.

References
  1. S. Standridge, "Password Management Applications and Practices," SANS Institute Information Security Reading Room, 2016.
  2. M. Schumacher, "Security Considerations for Team Based Password Managers," SANS Institute Information security reading room, 2018.
  3. H. Ayal, K. Tzfania, S.-H. Rony, T. Elena, U. Florina, A. Shahar and A. Dan, "Prevalence of Sharing Access Credentials in Electronic Medical Records," Healthcare Informatics Research, 2017.
  4. Kessler, "An Overview of Cryptography," 2021. [Online]. Available: https://www.garykessler.net/library/crypto.html. [Accessed 4 June 2020].
  5. J. O. B, Researching Information Systems and Computing, London: SAGE Publications Ltd, 2006.
  6. R. Pello, "Design science research — a short summary," Medium.com, 2018. [Online]. Available: https://medium.com/@pello/design-science-research-a-summary-bb538a40f669. [Accessed 14 January 2021].
  7. "Data Encryption in Transit: What Your Business Needs to Know," BrightlineIT, 2021. [Online]. Available: https://brightlineit.com/data-encryption-transit-business-needs-know/. [Accessed 24 June 2021].
  8. Oracle, "Protecting Data in a Network Environment," Oracle, 2021. [Online]. Available: https://docs.oracle.com/cd/B12037_01/network.101/b10777/protnet.htm. [Accessed 13 June 2021].
  9. SealPath, "The three states of data guide: Description and how to secure them," SealPath, 23 June 2020. [Online]. Available: https://www.sealpath.com/blog/protecting-the-three-states-of-data/. [Accessed 22 May 2021].
  10. I. Iuli, R. Rob and C. Sunny, "“...no one can hack my mind”: Comparing Expert and Non-Expert Security Practices," Symposium on Usable Privacy and Security, 2015.
  11. Z. Zhu, D. Zhongqi and W. Yongge, "Security analysis of a password-based authentication protocol proposed to IEEE 1363," Theoretical Computer Science, 2005.
  12. A. Michel and . P. David, "Simple Password-Based Encrypted Key Exchange Protocols," 2005.
  13. R. W. F. Lai, C. Egger, M. Reinert, S. S. M. Chow, M. Maffei and D. Schr¨oder, "Simple Password-Hardened Encryption Services," USENIX Association, 2018.
Index Terms

Computer Science
Information Sciences

Keywords

RSA key exchange encryption

Powered by PhDFocusTM