High Secure Password Authentication System
Download as PPTX, PDF1 like94 views
The document outlines a secure password authentication system that incorporates hashing, ASCII conversion, and load balancing across multiple servers to enhance security. It details the process of dividing and storing hashed passwords, ensuring that characters are distributed across several servers without predetermined positions. The proposed system's runtime complexity is discussed, emphasizing that it is primarily influenced by the number of servers, rather than the password length.
![[1] NIST. Secure Hash Standard, FIPS PUB 180-2, 2002.
[2] A. K. Lenstra. Further Progress in Hashing Cryptanalysis (white paper).
http://cm.bell-labs.com/who/akl/hash.pdf, February 2005.
[3] R. Rivest. The MD5 Message-Digest Algorithm [rfc1321], 1992.
[4] Wang Xiaoyun, Chen Yin ru. Collision Analysis for Every Round Function of the
MD5, 1996.
[5] Wang Xiaoyun. How to Break MD5 and Other Hash Functions, 2005.
[6] Zhao Shaolan, Xing Guobo, Yang Yixian. The Analysis on Amelioration and Security
of MD5, 2005.
[7] L. Dadda, M. Macchetti, and J. Owen. An ASIC design for a high speed
implementation of the hash function SHA-256 (384,512). In ACM Great Lakes
Symposium on VLSI, pages 421–425. ACM, 2004.
[8] L. Dadda, M. Macchetti, and J. Owen. The design of a high speed ASIC unit for the
hash function SHA-256 (384, 512).In DATE 2004, pages 70–75. IEEE Computer
Society, 2004.
[9] R. Lien, T. Grembowski, and K. Gaj. A 1 Gbit/s partially unrolled architecture of
hash functions SHA-1 and SHA-512.In CT-RSA 2004, volume 2964 of LNCS, pages
324–338.Springer, 2004.](https://image.slidesharecdn.com/mltiserver-191125030629/85/High-Secure-Password-Authentication-System-32-320.jpg)
High Secure Password Authentication System
- 1. • What he look like to you the most……. ? • Pirate….. ?? • Is he a HACKER ??
- 2. hat is HACKING …? hy do people HACK…? How Do We Secure……………….??
- 3. High Secure Password Authentication System Akhil Nadh PC
- 5. What Are We Now… Username Password Username Password Username Password Username 5f4dcc3b5aa76
- 7. MD2 MD4 MD5 MD6 SHA0 SHA1 SHA2 SHA3
- 8. Sql Injection Session Hijacking Brute force attacks Key loggers Single Server
- 10. Step 1 : Input Step 2 : Hashing Step 3 : ASCII Conversion Step 4 : Subtracting Consecutive ASCII Digits Step 5 : Finding Position Step 6 : Load Balancing
- 11. Input :- ‘ password ’ Randomness ensure more security
- 12. Encryption :- MD5 • Irreversible password MD5 5f4dcc3b5aa765d61d8327deb882cf99
- 13. ASCII is a character-encoding scheme originally based on the English alphabet
- 15. parts of hashed password are stored in different servers. each character in the hashed password should be stored in the specific server at a specific position. corresponding positions cannot be predetermined. the positions can be generated only by using the input string (the positions are of integer type). ASCII conversion is used to map the hashed characters to integers.
- 17. Subtract the consecutive ASCII Integers. the absolute value of the result is taken. WHY… ?? HOW……. ??
- 18. 5f4dcc3b5aa765d61d8327deb882cf99 ASCII conversion 53 102 52 Subtract ASCII 53 |102-53| |52-102| 49 50 What randomness this can GIVE…?
- 20. Result obtained in step 4 is divided using the number of servers (say, n). n number of arrays are maintained to store the hashed password’s characters temporarily. Remainder from the above division implies the location of the hashed characters. the array is appended when more than one character takes the same storage location.
- 21. 53 Lets take n=5 5 10 3 5 495 9 45 4 505 10 0 0 4 1 2 3 5 4 f
- 22. 0 4 c 5 a 1 3 8 9 9 1 c 6 5 6 d 2 e 2 2 b 7 d 7 8 3 5 d 3 d b f 4 f a 8 c 5f4dcc3b5aa765d61d8327deb882cf99
- 23. number of temporary arrays and the number of servers are equal. copy these arrays into corresponding servers. to make the characters in each servers almost the same, concatenate all the n number of temporary arrays. the whole string is then divided into n equal or almost equal parts. these parts are then stored into n servers.
- 24. 0 4 c 5 a 1 3 8 9 9 1 c 6 5 6 d 2 e 2 2 b 7 d 7 8 3 5 d 3 d b f 4 f a 8 c 9 8 5 6 4
- 25. 4c5a13899c656d2e2b7d785d3dbffa8c 0 4 c 5 a 1 3 8 1 9 9 c 6 5 6 d 2 2 e 2 b 7 d 7 3 8 5 d 3 d b f 4 f a 8 c
- 26. GGGAINPUT=PASSWORD HASHING FUNCTION IDENTIFYING POSITION ASCII CONVERSION AT = |Am-Am-1 | ; m>1 AT = Am ; m=1 AT mod n A B
- 27. LOAD BALANCING BLOCK 1 BLOCK 2 BLOCK n CONCATENATE THE n BLOCKS n BLOCKS OF DATA BLOCK 1 BLOCK 2 BLOCK n SERVER 1 SERVER 2 SERVER n AA B
- 28. Input: Hashed password, Number of servers (say n, 3<n<33) Output: n parts of password in n servers Step 1: Find the number of characters in the hashed password (say m). Step 2: FOR each character in the password Find ASCII value(say Am). ENDFOR Step 3: FOR each character Am obtained Find AT = |Am-Am-1 | ; m>1 AT = Am ; m=1 ENDFOR Step 4: Copy each hashed password character by appending one of the n temporary arrays. The array is identified by performing modulus operation on each AT by n Step 5: Concatenate all the arrays obtained from the step 4. Step 6: Divide the m characters obtained in step 5 equally or almost equally to the number of servers. Step 7:Copy the n parts obtained in step 5 to n servers.
- 29. The run time complexity of the proposed system depends only on the number of the servers used. The running time varies linearly with the number of servers taken. The length of the password is not considered as a factor to determine the complexity.
- 31. Anirudhan Adukkathayar C Sruthy S Menon
- 32. [1] NIST. Secure Hash Standard, FIPS PUB 180-2, 2002. [2] A. K. Lenstra. Further Progress in Hashing Cryptanalysis (white paper). http://cm.bell-labs.com/who/akl/hash.pdf, February 2005. [3] R. Rivest. The MD5 Message-Digest Algorithm [rfc1321], 1992. [4] Wang Xiaoyun, Chen Yin ru. Collision Analysis for Every Round Function of the MD5, 1996. [5] Wang Xiaoyun. How to Break MD5 and Other Hash Functions, 2005. [6] Zhao Shaolan, Xing Guobo, Yang Yixian. The Analysis on Amelioration and Security of MD5, 2005. [7] L. Dadda, M. Macchetti, and J. Owen. An ASIC design for a high speed implementation of the hash function SHA-256 (384,512). In ACM Great Lakes Symposium on VLSI, pages 421–425. ACM, 2004. [8] L. Dadda, M. Macchetti, and J. Owen. The design of a high speed ASIC unit for the hash function SHA-256 (384, 512).In DATE 2004, pages 70–75. IEEE Computer Society, 2004. [9] R. Lien, T. Grembowski, and K. Gaj. A 1 Gbit/s partially unrolled architecture of hash functions SHA-1 and SHA-512.In CT-RSA 2004, volume 2964 of LNCS, pages 324–338.Springer, 2004.