CFP last date
20 January 2025
Reseach Article

Fortification of Transport Layer Security Protocol by using Password and Fingerprint as Identity Authentication Parameters

by Kuljeet Kaur, G. Geetha
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 42 - Number 6
Year of Publication: 2012
Authors: Kuljeet Kaur, G. Geetha
10.5120/5700-7751

Kuljeet Kaur, G. Geetha . Fortification of Transport Layer Security Protocol by using Password and Fingerprint as Identity Authentication Parameters. International Journal of Computer Applications. 42, 6 ( March 2012), 36-42. DOI=10.5120/5700-7751

@article{ 10.5120/5700-7751,
author = { Kuljeet Kaur, G. Geetha },
title = { Fortification of Transport Layer Security Protocol by using Password and Fingerprint as Identity Authentication Parameters },
journal = { International Journal of Computer Applications },
issue_date = { March 2012 },
volume = { 42 },
number = { 6 },
month = { March },
year = { 2012 },
issn = { 0975-8887 },
pages = { 36-42 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume42/number6/5700-7751/ },
doi = { 10.5120/5700-7751 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:30:43.818145+05:30
%A Kuljeet Kaur
%A G. Geetha
%T Fortification of Transport Layer Security Protocol by using Password and Fingerprint as Identity Authentication Parameters
%J International Journal of Computer Applications
%@ 0975-8887
%V 42
%N 6
%P 36-42
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Whenever there is communication between Client and Server over a public link and resources are to be accessed from remote systems, then proving an identity becomes quiet complex because there is need of proper access rights with authentication. Complete security at the transport layer starts with proof of authentication, majority organizations only use password for security but this research paper would include one more tier of security to the transport layer security protocol by using fingerprints for identity authentication. Bio Hashing with the help of Minutiae Points at the fingerprints would be used for mutual authentication. Complete comparative analysis of all the existing password authentication schemes on the basis of security requirements and attacks is done in this paper. Result is generated that which existing scheme could withstand security requirement of mutual authentication for using fingerprint as identity parameter along with password. Proof is generated that with mutual authentication intruders could not practice Phishing, IP or Server Spoofing, Smurf attack and DNS Poisoning etc. Research paper focuses on implementing Password and Fingerprints for mutual authentication in Multi Server environment which will generate an Ideal Password Authentication Scheme and will result in fortification of Transport Layer Security Protocol.

References
  1. E. Bresson, O. Chevassut, and D. Pointcheval," Security Proofs for an Efficient Password-Based Key Exchange," in 10th ACM Conference on Computer and Communications Security, pp. 1-2,October 27, 2003, Washington, DC, USA.
  2. Peter Buhler, Thomas Eirich, Michael Steiner and Michael Waidner," Secure Password-Based Cipher Suite for TLS", in Network and Distributed Systems Security Symposium(NDSS 2000),San Diego, California, February 2000.
  3. Craig A. Huegen, "Network-Based Denial of Service Attacks," www. pentics. net/ denial-of-service/presentations/. . . /19980209_dos. pp. . .
  4. David A. McGrew and Scott R. Fluhrer ,"Multiple forgery attacks against Message Authentication Codes," eprint. iacr. org/2005/161. pdf ,Cisco Systems, Inc. , May 31, 2005
  5. Vipul Goyal, Virendra Kumar, Mayank Singh, Ajith Abraham and Sugata Sanyal ," CompChall: Addressing Password Guessing Attacks," http://eprint. iacr. org /2004/136. pdf , 2003
  6. Kim Davis," DNS Cache Poisoning Vulnerability Explanation and Remedies," www. iana. org/about/. . . /davies-viareggio-entropyvuln-081002. pdf,Viareggio Italy October 2008,
  7. DongGook Park, Colin Boyd and Sang-Jae Moon ,"Forward Secrecy and Its application to Future Mobile Communications Security," www. dgpark6. com/ Down/pkc2000_FwdSec. pdf
  8. "Mutual Authentication," en. wikipedia. org/wiki/Mutual_authentication
  9. Rajaram Ramasamy, Amutha Prabakar Muniyandi ,"New Remote Mutual Authentication Scheme using Smart Cards," Transactions on Data Privacy ,Volume 2, p-141—152,2009
  10. Tom Davis," RSA Encryption," http://www. geometer. org/mathcircles,October 10, 2003
  11. Brent Waters, Allison Bishop, El Gamal Encryption CS395T Advanced Cryptography, Lecture 3,27th January 2009
  12. "ElGamal Encryption Example," www. informatics. indiana. edu/markus/i400/ lecture7. ppt
  13. Kumar Mangipudi and Rajendra Katti,"A Hash-based Strong Password Authentication Protocol with User Anonymity," International Journal of Network Security, Vol. 2, No. 3, PP. 205–209, May 2006 (http://isrc. nchu. edu. tw/ijns/)
  14. Hanjae Jeong, Dongho Won and Seungjoo Kim ,"Weaknesses and Improvement of Secure Hash-Based Strong-Password Authentication Protocol," Information Security Group, Journal Of Information Science and Engineering 26, 1845-1858 (2010)
  15. "Basic Types of fingerprints," http://www. odec. ca/projects/2004/fren4j0/public_html/ fingerprint_patterns. htm
  16. Sahil Goyal and Mayank Goyal," Generation of hash functions from fingerprint scans," October 2011
Index Terms

Computer Science
Information Sciences

Keywords

Password Authentication Minutiae Points Mutual Authentication