An algorithm for securing user credentials by combining Encryption and Hashing method

Authors

  • Awlad Hossain Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.
  • Hasibur Rahaman Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.
  • Arafat Jamil Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.
  • Dr. Mohammad Asaduzzaman Khan Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.

Keywords:

Encryption, Hashing, Security SHA 256, User credential.

Abstract

Internet browsers, run on electronic devices usually preserve sensitive information, for example, client identifications. With present day innovation, most of the internet browsers uses password logins as an initial validation to demonstrate a client's individuality. Passwords perform as the primary safeguard against provoker manipulation. But, some internet browsers usually preserve client passwords in the records as plaintext. This saved client’s password help the attackers to promptly get client accreditations and break it. This paper proposes a new algorithm for the security of user credentials using the encryption and the hashing method. Specifically, the motivation behind this technique is to make sure about client identifications against data fraud. This approach ensures client accreditations utilizing a new algorithm that at the first stage keeps a password and then encrypt the password. After that, the respected encrypted data is hashed and sent to the internet browser server to store. This devised method is easy to develop and execution in the internet browser.

Author Biographies

Awlad Hossain, Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.

Dept. of Electronics and Telecommunication Engineering, Student.

Hasibur Rahaman, Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.

Dept. of Electronics and Telecommunication Engineering, Student.

Arafat Jamil, Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.

Dept. of Electronics and Telecommunication Engineering, Student.

Dr. Mohammad Asaduzzaman Khan, Bangabandhu Sheikh Mujibur Rahman Science and Technology University, Gopalganj, Bangladesh.

Dept. of Electronics and Telecommunication Engineering, Lecturer.

References

Chi-Kwong Chan and L.M. Cheng, “Cryptanalysis of a Timestamp-Based Password Authentication Scheme”, Computers & Security, Volume 21, Issue 1, pp. 74-76, 1st Quarter 2001.

W.C. Ku, HC Tsai and MJ Tsaur, “Stolen Verifier attack on an efficient smartcard-base one-time-password authentication scheme”, IEICE TRANSACTIONS on Communications, Vol.E87-B No.8 pp. 2374-237, 2004.

C.K. Koc, M. K. “A simple attack on recently introduced hash based strong password authentication scheme”, International Journal of Network Security, Vol.1, No.2, pp.77–80, 2005.

Katti, and K. M. “A hash based strong password authentication protocol with user anonymity”, International journal of Network Security, Vol.2, No.3, pp. 205–209, 2005.

W.C.Ku, H. C., “Two simple attacks on LSH's strong password authentication protocol”, ACM SIGPOS Operating Systems Review, Volume 37, Issue 4, pp. 26-31, October 2003.

IE Liao, CC Lee and MS Hwang, “A password authentication scheme over insecure networks”, Journal of computer and system science, pp. 727-740, 2006.

S. K. Sood, A. K. Sarje and K. Singh, "Cryptanalysis of password authentication schemes: Current status and key issues”, Proceeding of International Conference on Methods and Models in Computer Science (ICM2CS), Delhi, pp. 1-7, 2009.

X Zhuang, C. C., “A simple password authentication scheme based on geometric hashing function”, International Journal of Network Security, pp. 237-243, May, 2014.

M. H. Ali, E. S. Ismail and F. M. Hamzah, “A Practical and Secure Hash Function-Based Password Authentication Scheme”, Journal of Computer Science, pp. 954-960, July, 2019.

Downloads

Published

2020-12-22

How to Cite

Hossain, A., Rahaman, H., Jamil, A., & Khan, D. M. A. (2020). An algorithm for securing user credentials by combining Encryption and Hashing method. International Journal of Electrical Engineering and Applied Sciences (IJEEAS), 3(2), 35–42. Retrieved from https://ijeeas.utem.edu.my/ijeeas/article/view/5946