Conference Papers

Permanent URI for this collectionhttps://idr.nitk.ac.in/handle/123456789/28506

Browse

Filters

2020 - 20238

Settings

Author: search.filters.author.Chandavarkar, B.R.Subject: search.filters.subject.Authentication

Search Results

Now showing 1 - 8 of 8
  • No Thumbnail Available
    Item
    Use Cases of Authentication Protocols in the Context of Digital Payment System
    (Institute of Electrical and Electronics Engineers Inc., 2020) Thawre, G.; Bahekar, N.; Chandavarkar, B.R.
    In the digital payment system, the transactions and their data about clients are very sensitive, so the security and privacy of personal information of the client is a big concern. The confirmation towards security necessities prevents the data from a stolen and unauthorized person over the digital transactions, So the stronger authentication methods required, which must be based on cryptography. Initially, in the payment ecosystem, they were using the Kerberos protocol, but now different approaches such as Challenge-Handshake Authentication Protocol (CHAP), Tokenization, Two-Factor Authentication(PIN, MPIN, OTP), etc. such protocols are being used in the payment system. This paper presents the use cases of different authentication protocols. Further, the use of these protocols in online payment systems to verify each individual are explained. © 2020 IEEE.
  • No Thumbnail Available
    Item
    Remote User Authentication and Issues: A Survey
    (Institute of Electrical and Electronics Engineers Inc., 2020) Mehra, R.; Meshram, A.; Chandavarkar, B.R.
    The most convenient and the simplest authentication method to deal with the important and secret data over an uncertain network is remote user authentication. For remote user authentication, a system call with a high-security network is required, which will help to identify whether the parties which are communicating are trustworthy and genuine. User and the server will be securely authenticated using remote user authentication, protecting and processing the communication in a user-friendly way, and provide security to the user by hiding their details. This paper discusses the different approaches in which a remote user authentication mechanism can be done and the issues in those methods, which will verify both the parties in a secure, simple, and convenient way. © 2020 IEEE.
  • No Thumbnail Available
    Item
    An Experimental Evaluation on the Dependency between One-Way Hash Functions and Salt
    (Institute of Electrical and Electronics Engineers Inc., 2020) Rathod, U.; Sonkar, M.; Chandavarkar, B.R.
    Passwords are barriers that protect unauthorized users from accessing personal information in any application. Protecting passwords is one of the challenging tasks in today's world. Currently, a combination of Username/Password used for authentication for a large number of applications. Malicious users might try to steal/misuse the user's data for unethical purposes. To prevent passwords from stealing, developers prefer to use one-way hash functions. One-way hash functions are theoretically irreversible functions that take as an input variable size text and output fixed-sized text. In reality, hash functions are not collision-resistant. Therefore it is recommended to use passwords and randomly generated text called salt to generate hash values and prevent rainbow tables and dictionary attacks. Passwords are hashed at the client-side and sent across the public channel/network. A salt is a randomly generated alphanumeric text used to concatenate with a password to generate a random hash value. This paper demonstrates how the random generation of salt is dependent on passwords and how hash values are dependent on salt. Further, analysis of the behaviour of passwords and hash values using various tools like Wireshark, Ettercap, and Hydra are presented in the paper. © 2020 IEEE.
  • No Thumbnail Available
    Item
    Mitigating Man-in-the-Middle Attack in Digital Signature
    (Institute of Electrical and Electronics Engineers Inc., 2020) Jain, S.; Sharma, S.; Chandavarkar, B.R.
    We all are living in the digital era, where the maximum of the information is available online. The digital world has made the transfer of information easy and provides the basic needs of security like authentication, integrity, nonrepudiation, etc. But, with the improvement in security, cyber-attacks have also increased. Security researchers have provided many techniques to prevent these cyber-attacks; one is a Digital Signature (DS). The digital signature uses cryptographic key pairs (public and private) to provide the message's integrity and verify the sender's identity. The private key used in the digital signature is confidential; if attackers find it by using various techniques, then this can result in an attack. This paper presents a brief introduction about the digital signature and how it is vulnerable to a man-in-the-middle attack. Further, it discusses a technique to prevent this attack in the digital signature. © 2020 IEEE.
  • No Thumbnail Available
    Item
    Mitigating Neighborship Attack In Underwater Sensor Networks
    (Institute of Electrical and Electronics Engineers Inc., 2021) Deshmukh, A.; Deo, S.; Chandavarkar, B.R.
    Transmission of information through Underwater Wireless Sensor Networks(UWSN) across the ocean is one of the enabling technologies for underwater communication. These advances trigger security concerns of the underlying UWSN. Due to the Sack of predictability of the movement of the nodes in such a system, secure neighbour discovery for successful information exchange is a challenge. A neighborship attack is the one which hinders neighbour discovery amongst the various nodes within the network. The wormhole attack and the Sybil attack being the prominent attacks in this category, lead to various issues if not mitigated. The consequences of these attacks can quickly scale from reduced throughput to loss of confidentiality. Moreover, conventional cryptographic algorithms are not possible to implement in a UWSN due to restrictions on the open acoustic channel and severe underwater conditions. In this paper, we propose a true-neighbour algorithm for mitigating neighborship attack in UWSN. Furthermore, the performance of this algorithm is demonstrated in UnetStack with reference to end to end packet delay, with and without implementation of the algorithm. © 2021 IEEE.
  • No Thumbnail Available
    Item
    Hybrid cryptography for cloud computing
    (Institute of Electrical and Electronics Engineers Inc., 2021) Khan, H.K.; Pradhan, R.; Chandavarkar, B.R.
    In the present scenario, we come across millions and trillions of data in our daily lives which can be handled by a data center. Cloud is the data center that enables users to access the files and applications from almost any device and any geographical location as computing and storage take place on servers in the data center instead of the user device locally. It facilitates users with services like Software, Applications promptly without any hazard. Though the cloud has mesmerized the world with its advanced capabilities still there is safety concern involved in it because the cloud is shareable. All security components must ensure data security for every user. In this study report, a new security model using Hybrid Cryptography is designed as data in the cloud is vulnerable to issues like unauthorized data access, integrity violation, identity management, etc. Hybrid Cryptography comprises both symmetric and asymmetric algorithms. Encryption of communication requires Symmetric-key encryption whereas data exchange is taken care by the Public-key encryption technique. RSA algorithm deals with Authentication, blowfish algorithm ensures Data Confidentiality, and Secure Hash Algorithm-2 deals with Data Integrity. The present study concluded that advanced methods provide high data security over the internet and provide services on demand effectively without delay or error. © 2021 IEEE.
  • No Thumbnail Available
    Item
    AuthBlock: Authentication Framework Using Ethereum Blockchain
    (Springer Science and Business Media Deutschland GmbH, 2023) Kamble, S.; Chandavarkar, B.R.
    When employing authentication mechanisms to store user credentials, a subtle point to note is that they are easily vulnerable to cyber attacks like sharing of user data without their consent, password stealing on a large scale, etc. By decentralizing ownership of credentials and providing a framework for confirming one’s record in an unalterable chain of data, i.e., Distributed Ledger Technology (DLT) in general and blockchain can provide a solution. Blockchain technology can help reduce the risk of attacks and user data leaks through backdoors by establishing a secure platform for online service providers to authenticate users without a single point of failure. Blockchain is being utilized increasingly for trusted, decentralized, secure registration, authentication, and valuation of digital assets (assets, real estate, etc.) and transactions, governing interactions, recording data, and managing identity among numerous parties. Smart contracts are used to do transactions on the blockchain. This work aims to analyze the shortcomings of traditional authentication systems and hence provide a blockchain-based authentication solution to address them. In this paper, we suggest AuthBlock, a robust, lightweight, and secure blockchain-based authentication system. It can be used by multiple parties as an authentication framework in parallel without any interference. The proposed approach leverages the Ethereum blockchain along with its provision of smart contracts. The proposed method is tested on the Ethereum localnet created using Go Ethereum (Geth) and evaluated to analyze user authentication, verification, and cost. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
  • No Thumbnail Available
    Item
    BlockFIR: Blockchain based First Information Report System
    (Institute of Electrical and Electronics Engineers Inc., 2023) Kamble, S.; Chandavarkar, B.R.
    India is experiencing a sharp rise in criminal activity. This is a serious problem, as many of these crimes go unreported. Although there is an online platform for the police to store First Information Reports (FIR) and Non-Cognizable Reports (NCR), most FIRs are still written by hand. This is inefficient and can lead to errors. Additionally, the complainant must typically be at the police station to report a cognizable offense. This can be inconvenient and time-consuming, especially for victims who live in rural areas. In 2009, the Crime and Criminal Tracking Network and Systems (CCTNS) were launched as an efficient e-governance system. This system has helped to improve the reporting of crimes, but it is still a centralized system. This means that it is vulnerable to cyberattacks and can be easily shut down by a single point of failure. Therefore, a fully decentralized system is required to ensure no single point of failure and that complaints are handled safely and securely to prevent unauthorized access. This paper proposes a blockchain-based solution called BlockFIR to manage complaints against cognizable and non-cognizable offenses. Using this system, complaints can be registered by users. The police stations will be able to see complaints registered in their jurisdiction, register FIRs/NCRs accordingly, and take action on them. Through a prototype implementation using Go-Ethereum (Geth), smart contracts, and Django web server, we demonstrate the practical use of BlockFIR. We show that our system can be easily used by users, police personnel, and Higher Authorities to improve the current systems in India. © 2023 IEEE.