ABSTRACT
Sharing data to increase productivity and efficiency is one of the primary requirements of any organization
today. However, protecting online data is critical to that success, which leads to the requirement for efficient
and secure cryptographic schemes. A session password is a password uniquely generated for every
session. The scheme allows the system to automatically generate a session password each time the user logs in. The
session password is generated randomly based on a randomly generated grid, which is used as the medium for
password generation. During registration the user enters a username and password as usual.
The system stores this password and uses it to generate a unique session password the next time the user
logs in. This paper analyzes the security and usability of the proposed scheme and shows how the
scheme protects against shoulder surfing attacks. A data sharing scheme on the cloud is only successful
if data owners can efficiently delegate the access rights to their data to multiple users, who can then access the data
directly from the cloud servers. Data sharing is limited to a time interval given by the data owner to
the receiver; after that interval the receiver can no longer get the file with the old session key.
With the rapid development of low-power and highly efficient networks, mobile users can pay bills, buy goods
online, and carry out electronic transactions by subscribing to various remote services. Though mobile computing
devices are highly portable, they are usually unprotected and easily stolen or lost. Unless precautions are taken,
an unauthorized person may gain access to the information stored on them. For instance, intruders may gain illegal
access if the data is "sniffed out of the air" in wireless communications or if some malware is installed. The lack of
authentication and privacy may cause even more severe results such as crippled devices, personal data loss, disclosure of
non-public data, or charges for abusive usage against the device owner. Mobile computing devices are of great security
concern not only because of the data stored on them, but also because they may provide access to other services that
store or display non-public data.
The most common method used for authentication is the textual password. The vulnerabilities of this method, such as
eavesdropping, dictionary attacks, social engineering and shoulder surfing, are well known. Random and lengthy
passwords can make the system secure. The alternative techniques are graphical passwords and biometrics, but these
two techniques have their own disadvantages. Biometrics, such as fingerprints, eye scans or face recognition, have been
introduced but not yet widely adopted everywhere. The major drawback of this approach is that such systems can be
expensive and that the identification process could be slow in earlier days. Many graphical password schemes have been
proposed in the last decade, but most of them suffer from shoulder surfing, which is becoming quite a big problem.
Graphical password schemes that are resistant to shoulder surfing have been proposed, but they have
their own drawbacks, such as usability issues, longer login times for the user, or tolerance levels. Personal
Digital Assistants are being used by people to store personal and confidential information such as passwords and
PINs. Authentication should be provided for the usage of these devices.
RELATED WORKS
OBJECTIVES
The main objective is to avoid shoulder surfing attacks using a pair-based scheme, which generates a session
password for the particular session or transaction, together with a virtual keyboard that is shuffled at every
transaction.
EXISTING SYSTEM
A graphical authentication technique, where the user has to select some images from a set of random pictures
when registering, and then at login has to select the same sequence of
images that was defined at the time of registration.
A colour keyboard implementation, where the alphabets and numbers of the keyboard are given different colours.
After each user click, all keys on the keyboard are shuffled. Here, the user has to note the
position of the desired key before pressing it. Then a button named ‘Hide Keys’ has to be pressed, which
hides all characters from the keys so that empty keys are displayed to the user. The user then has to click on the
key which held the desired character earlier, and can make use of the key colour to remember it.
In existing research, RSA with the DES algorithm has been used. In the proposed storage management, the concept of
cloud storage is combined with enhanced security using encryption techniques, instead of storing the complete
file or data on a single cloud system. This system splits the file into different parts, then encrypts them and stores them on
different clouds. The data needed to decrypt and re-arrange that file is stored in a meta-data
management server for efficient retrieval of the original file. Further, it is tested in a cloud environment. Some
research uses the DES and Triple DES algorithms. An effective and secure data access control scheme with
efficient decryption and revocation.
Some Of The Existing Algorithms In Cloud Security
RSA ALGORITHM
The RSA algorithm is a public-key encryption algorithm. It was introduced by Ron Rivest, Adi Shamir and Len
Adleman in 1977. It is the most popular asymmetric-key cryptographic algorithm and can be used to provide secrecy. The
algorithm uses prime numbers to generate the public key and the private key, relying on mathematical facts about multiplying
large numbers together. It operates on blocks of data in which the plain text and cipher text are integers between 0 and n
for some value n. The size of n is 1024 bits. The real challenge in the case of the RSA algorithm is the
selection and generation of the public and private keys. Two different keys are used for encryption and
decryption. As the sender knows the encryption key and the receiver knows the decryption key, the question is how the
encryption and decryption keys are generated in RSA. The whole process is given below:
DES ALGORITHM
The Data Encryption Standard (DES) is also known as the Data Encryption Algorithm. The DES algorithm provides an
improvement over the RSA algorithm. The speed of DES encryption can be several M per second, so it is well suited
to encrypting numerous messages. The RSA algorithm is based on the problem of factoring and its computing speed
is slower than that of DES, so RSA is suited only to being used once. DES is a block cipher. It encrypts data in
blocks of 64 bits each: 64 bits of plain text go in as the input to DES, which produces 64 bits
of cipher text. The same key and algorithm are used for encryption and decryption. DES uses a 56-bit key, but the initial key is
made up of 64 bits; the key becomes 56 bits because bits 8, 16, 24, 32, 40, 48, 56 and 64 are discarded. DES is built on two
fundamental features of cryptography, diffusion and confusion, applied in rounds. In each round, key and data bits are shifted,
permuted, XORed and sent through 8 S-boxes. The 64-bit plain text is handed to an initial permutation (IP). The IP then
generates two halves, the left plain text (LPT) and the right plain text (RPT). Each LPT and RPT goes through 16 rounds.
At the end, the LPT and RPT are rejoined. Decryption is the same process, performing the rounds in reverse order.
Data is transmitted to users over networks which may be insecure,
so Internet security problems will affect the cloud, with greater risks due to the valuable resources
stored within the cloud and cloud vulnerability.
The graphical authentication technique and the colour keyboard implementation are
vulnerable to shoulder surfing attacks.
The receiver can retrieve the file for a long time with the same key, and can also distribute it to
other users.
PROPOSED SYSTEM
Session Grid algorithm
The session password is generated randomly based on a randomly generated grid. The grid is used as the
medium for password generation. During registration the user enters a username and password as usual.
The system stores this password and uses it to generate a unique session password
the next time the user logs in. This session-based authentication system takes the user password and compares
its characters against a 6 x 6 grid containing the letters a-z and the numbers 0-9. The user needs to know the original
password and the generation scheme to enter the exact session password.
In this project, an improved text-based shoulder-surfing-resistant scheme is proposed: a pair-based
scheme is used for alphabets, digits and symbols, and a session password is formed at every session or transaction
using a virtual shuffling keyboard.
At the time of registration the user has to submit a password. The length of the password is 8, and it can
be called the secret key.
The next stage is the login phase: when the user enters his username in the interface, a 6 x 6 grid of
rows and columns is displayed to the user.
The grid consists of alphabets and numbers. These are placed sequentially in every cell of the grid, and
this interface changes with every transaction.
According to the pair-based scheme, the user takes the first letter of his registered password to select the row and the
second letter to select the column; the character at their intersection forms part of the session password.
As the keyboard shuffles every time, the session password also changes, which
automatically secures the login.
Data sharing is limited to a time interval given by the data owner to the receiver; after that
interval the receiver can no longer get the file with the old session key.
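The pair-based derivation described above, as an added example that is not code from the paper. It assumes a registered password of even length drawn from lowercase a-z and 0-9; the function names, the sample grid and the sample password are constructed for illustration.

```python
import hmac
import secrets
import string

ALPHABET = string.ascii_lowercase + string.digits  # 36 symbols fill the 6 x 6 grid
SIZE = 6

def new_grid(rng=None):
    """Return a freshly shuffled 6 x 6 grid as a list of six 6-character rows."""
    rng = rng or secrets.SystemRandom()
    cells = list(ALPHABET)
    rng.shuffle(cells)
    return ["".join(cells[r * SIZE:(r + 1) * SIZE]) for r in range(SIZE)]

def locate(grid, ch):
    """Return the (row, column) position of ch on the grid."""
    for r, row in enumerate(grid):
        c = row.find(ch)
        if c != -1:
            return r, c
    raise ValueError(f"{ch!r} is not on the grid")

def session_password(grid, secret):
    """Pair-based derivation: for each pair (a, b) of the registered password,
    take the cell where the row containing a meets the column containing b."""
    if len(secret) % 2:
        raise ValueError("registered password must have an even length")
    out = []
    for i in range(0, len(secret), 2):
        row, _ = locate(grid, secret[i])
        _, col = locate(grid, secret[i + 1])
        out.append(grid[row][col])
    return "".join(out)

def verify(grid, secret, typed):
    """Server side: recompute for the grid shown this session, compare in constant time."""
    expected = session_password(grid, secret)
    return hmac.compare_digest(expected.encode(), typed.encode())

# Constructed sample grid, fixed so the result can be checked by hand.
SAMPLE_GRID = ["q7wert", "yu2iop", "asd9fg", "hjk0lz", "xc4vbn", "m13568"]
SAMPLE_SECRET = "tiger482"  # constructed 8-character registered password

if __name__ == "__main__":
    print(session_password(SAMPLE_GRID, SAMPLE_SECRET))
    print(session_password(new_grid(), SAMPLE_SECRET))  # changes with each shuffle
```

Because the server recomputes the session password, it must hold the registered password in recoverable form. A pair made of the same character twice always maps to that character whatever the shuffle, so registration should reject such pairs.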
rocess.
it then encrypts the file. Finally, owner uploads encrypted file and encryption key and set of attributes to the storage
system.
FILE DECRYPTION AND DOWNLOAD
HOMEPAGE
The above figure shows the Home Screen. It contains two modules: the first is Sign up and the second is Sign
in. First, click Sign up to register the name and other details on the data registration page.
REGISTRATION PAGE
The above figure shows Data Registration. To register, the data owner needs to fill in details such as full name,
user name, registration password, profession, mobile number and mail ID. After filling in all the details, click the
submit button. After submission, the “Successfully Registered” message is shown in the same window.
LOGIN PAGE
The above figure shows User login. The user enters the username and password and then clicks the submit button to
log in. Here the grid shown is a dummy, just to let the user know that the download key is generated from the grid only.
USER HOMEPAGE
The above figure shows the User Page for File Upload, File Share and Download Files. The user can select any one
of these three for further action.
CONCLUSION
Many techniques have been proposed for preventing shoulder surfing attacks. Among all the proposed
techniques, the session-based password scheme using a shuffling keyboard with the pair-based method is more effective and
secure against shoulder surfing attacks, as this technique provides a particular session password for every session or
transaction. It is also easy to use and handle; hence, in the near future, this technique has scope for use in many fields for
security purposes. In this paper, we proposed an Anonymous Two-Factor AKE scheme which preserves security
against various attacks including the de-synchronization attack, lost-smart-card attack and password guessing attack, and
supports several desirable properties including perfect forward secrecy, anonymity or untraceability, adaptive
password change, no centralized password storage, and no long-term public key. Furthermore, our protocol maintains
high efficiency in terms of storage requirement, communication cost and computational complexity. Our protocol
requires only a small number of message flows and all the transmitted messages are short in size. Additionally, the
proposed scheme is provably secure in our extended security model of AKE. Therefore, the proposed scheme is suitable
for deployment in various low-power networks, in particular pervasive and mobile computing networks.
AUTHOR
G. RAJASEKAR received the B.C.A. degree from the University of Madras in 2001, the M.Sc. (IT) degree from
Alagappa University in 2007, and the B.Ed. degree from Indira Gandhi National Open University (IGNOU) in
2004. He is currently working as a Computer Instructor, Chennai Hr. Sec. School, CIT
Nagar, Chennai - 600 035.