Secure data management - Secret sharing principles applied to data or password protection

Abstract

This paper deals with the introduction of an information security mechanism to deal with the increasing threats of password hijack attacks. The proposed work deals with application of secret sharing principles for the protection of critical credentials of the stakeholders such as login Id and password. It is based on the fact that individual segments of passwords or credentials are ineffective without the existence of the remaining segments. We try to establish this fact to our advantage by proposing an implementation where password segments are distributed across several databases to strengthen their security and integrity and thereby, eliminate the threat of credential hijacking or phishing. The distributed nature of the divided segments of data can ensure lower probability of a successful attack. To summarize, an alternative encryption mechanism based on secret sharing is proposed which could be computationally efficient and which could provide equivalent or greater security in comparison with the standard cryptographic algorithms.