Username and Password

Authentication

Contributors:
1. Mandira Hawaldar : 19BCT0052
2. Palak Thakur: 19BCB0052
3. Pratishtha Gaur: 19BCE0104
4. Rahil Kabani: 19BCT0016

Submitted To : Gayathri P. Slot: L39+40/B1

Abstract:
Authentication is an activity to authenticate the person credential that
wishes to perform the activity. In the process of authentication, the
password enter by the user will be transmitted along the traffic to the
authentication server in order to allow the server to grant access to the
authorized user.
This program is a like a login form. Wherein user creates username and
password which is then stored in a file which acts as a database. This file
helps in authentication of password later on. We have an option of
changing password which firstly asks for admin’s password to avoid
losing information. Later password can be changed which will be
changed in the file too. Here we can add various levels of security to
avoid data corruption. This program as it is can be added in any website
which requires logging in.
--------------------------------------------------------------------------------------
Aim:
Making a username and password authentication program using binary
search tree.
----------------------------------------------------------------------------------

Objective:
The main objective of this c project on password authentication is to
manage the details of permission and authorisation, username, changing
password. It manages all the information about permission and
authorization and password. The project is totally built at administrative
end and thus only the administrator is guaranteed the access. The
purpose of the project is to build an application program to reduce the
manual work for managing the permission and authorization.
----------------------------------------------------------------------------------
Scope / Applicability:
This program broadly is used to protect information from theft on a
basic scale. It can be used by individuals or by small groups. Only the
group administrator can control all the data and make changes to the
information. The functions provided are: creating a login that is adding a
user, allows change of password in case its lost, gives a list of ids which
can act as a database of information of all users, it allows admin to delete
a user. All these changes done will be stored in a file and maintained.
This program is initial for maintaining maybe a club or a small
organisation.
----------------------------------------------------------------------------------
Introduction:
In the early phases of logins the username and password used to be
stored in a plain text which could be easily hacked and since most people
keep same password for all there accounts a big scam could be possible.
So here, in this program we have used a bit of encryption. In this login
which is the newer form of login system the password is not stored
directly rather is hashed using a hashing function and then the cryptic
value is stored it is difficult to regain actual password from the hashed
value so data remains quite safe. The given login system provides certain
more options like adding and removing a user id and displaying existing
ids all these operations solely function using binary search tree
technique. At the end all the changes made are stored in a file using
special functions included in stdio library for files.
----------------------------------------------------------------------------------
Literature Review:
The password is nothing new. In fact, it has been around for centuries.
Way before Gmail, Skype and Netflix, the Roman military reportedly
used passwords as a way to distinguish friend from foe. And since then
password authentication has had important role. In the beginning of
computers era logging in was essential it started with general approach
of protecting pc as a whole, later as security of information became
important every application started to have a password protection.
Initially it involved hashing later due to issues related to hacking a more
secured 2 step authentication was required.
This program is that basic program program for authentication firstly
used. It uses hashing for password and binary search tree for
authentication.
------------------------------------------------------------------------------
Implementation:

Use case diagram:

Add User

Delete User

Authentication

List User

Update in file
Functional diagram-Add user:

Enter
Username
Binary tree
insertion

User
Enter Hashed
Password password

Delete User:
Searching
Enter username
Username using BINARY
SEARCH

User Delete node

Enter Hashed
Password password

Authentication:

Enter
Displayed
Username
Search and
match id and
password
User

Exit
Enter Hashed
Password password

List user:

Inorder
Display
traversal
File:

Open file
Read nodes Write in file
output.txt

--------------------------------------------------------------------------------------
Modules used:
1.Header file
2.User addition
3.User deletion
4.Authentication
5.List user
6.Updation in file
----------------------------------------------------------------------------------
Module description:
1. Header file:
a) studio.h - used for getting the standard input output that is the
input from the keyboard and output on the screen
b) stdlib.h - This header defines several general-purpose functions,
including dynamic memory management, random number
generation, communication with the environment, integer
arithmetics, searching, sorting and converting
c) string.h - the header in the C standard library for the C
programming language which contains macro definitions,
constants and declarations of functions and types used not only
for string handling but also various memory handling functions
d) stdint.h – This header file allows programmers to write more
portable code by providing a set of typedefs that specify exact-
width integer types, together with the defined minimum and
maximum allowable values for each type, using macros
2. User addition:
The program uses binary search tree to store the username and
password of the user. Binary search tree is a node-based tree data
structure in which the left node has value less than the node or
parent node and the right subtree contains values greater than the
node or parent node.The node of the binary search tree used
contains two components username and password marked by
pointers left and right respectively. A new key is always inserted at
leaf. We start searching a key from root till we hit a leaf node. If
root node isn’t empty set current to res and if res>0 move the
pointer to the right else left. Strcasecmp function is used to
compare two strings username to check if the username already
exists. If strcasecmp returns a non-zero value then creates a
newnode to add the details of the user. Print “User successfully
added”.
3. User deletion:
The deletion in a binary search tree requires the programmer to
check whether the node has two children, one chid or is a leaf
node. This arises due to the fact that the nature of a binary search
tree (BST) must remain intact even after the deletion process. So
we have to check whether the node to be deleted is a leaf node if
yes then free that node and if the node to be deleted has one child
then copy the child to the node and free the child, if the node to be
deleted had two children Find inorder successor of the node. Copy
contents of the inorder successor to the node and delete the
inorder successor. Note that inorder predecessor can also be used.
4. Authentication:
Authentication is the process of recognizing a user’s identity. The
credentials that are input by the user undergo verification to see if
 they are correct and then the user is allowed to access the
application they want. Storing passwords in a database on the
server for authentication is quite difficult and risky and hence a
more secure password storage method that is used is hashing. User
is asked for id and password the password obtained is hashed and
then the credentials are compared with then ones stored in the
database using binary search. When the password provided for a
given username matches the password stored then only the user
gains access to the application. Hashing is preferred for password
authentication as it is almost impossible to generate the original
input given by the user if someone only has the hash value at their
disposal.
5. List user:
It provides an alphabetical list of all the usernames stored in the
system along with the total number of usernames. As we delete or
add usernames the list undergoes modifications accordingly. Using
inorder traversal technique all the usernames are displayed. In
inorder traversal first the lest node of tree is searched then root
and finally right and value in username section is displayed.
6. File:
A file is created where in username and the hashed password is
stored.

----------------------------------------------------------------------------------

Result:
This mode of login authentication turn out to be the best program from
the resources available. There still is scope of advancement but it
involves greater knowledge and resources which is two step
authentication.
Here is the opening screen which says welcome to password manager

This is primarily designed to be used by admin so first of all it asks for

admin password setup.
It is a menu driven program which gives 6 choices as to which operation
to perform.

On selecting 1st option it asks for username and password and then adds
to the tree
On selecting second option it asks for user id and password of the user to
be deleted.

On selecting option 3 it asks for id and password to be authenticated or

verified.
On selecting option 4 all the users registered will be displayed like given
below

On selecting option 5 it will ask for admin password as on entering

password all the changes made will be stored in the output file.
----------------------------------------------------------------------------------
Time complexity analysis
1. Module 1 works basically on insertion using binary search tree so
time complexity in avg case, is O(log n) for 1 insert operation since
it consists of a test (constant time) and a recursive call (with half of
the total number of nodes in the tree to visit), making the problem
smaller in constant time. Thus for n insert operations, avg case is
O(nlogn). The key is that the operation requires time proportional
to the height of the tree. In average, 1 insert operation is O(logn)
but in the worst case the height is O(n) If you're doing n
operations, then avg is O(nlogn) and worst O(n2)
2. Module 2 uses binary search tree deletion it has 3 conditions:
If node to be deleted is leaf: Simply remove from the tree.
If node to be deleted has only one child: Copy the child to the node
and delete the child
If node to be deleted has two children: Find inorder successor of
the node. Copy contents of the inorder successor to the node and
delete the inorder successor. Note that inorder predecessor can
also be used.
 So now time complexity depends on how which way is used. The
most common way involves finding the successor of the node, then
replacing the node with that successor. This can be done in O(h),
where h is the height of the tree. In the worst case this is O(n), but
in a balanced tree is worst-case O(log n).
3. Module 3 uses searching technique as in binary search tree so the
time complexity for a single search in a balanced binary search tree
is O(log(n)). Maybe the situation requires you to do n searches in
the binary tree, hence the total complexity is O(nlog(n)).The worst
case complexity for a single search in an unbalanced binary search
tree is O(n). And similarly, if you are doing n searches in the
unbalanced tree, the total complexity will turn out to be O(n2).
4. Both module 4 and 5 uses inorder traversal method for displaying
and writing just the difference is in list user module details are
provided to user and in rear information is written in a file.
So time complexity is same as that of inorder traversal. It is O (n)
where n is the number of nodes in the tree. It is simply because the
algorithm will need to visit every node exactly once.