Many fields require users to be authenticated, and we rely on authentication in day-to-day life. Most authentication is protected only by passwords, and passwords are known to be one of the easiest targets for hackers, so the authentication is easily broken. The solution to this problem is Two Factor Authentication. Problems with passwords include finding a written password, Post-It notes, guessing the password or PIN, shoulder surfing, keystroke logging, screen scraping (with keystroke logging) and brute-force password crackers. Authentication factors fall into three categories:
- Something you know (as a secret password).
- Something you have (as an unclonable secure device with a secret key).
- Something you are (e.g. biometrics).
Two Factor Authentication implements two of the above factors. It is stronger and more secure than the traditionally implemented one-factor authentication system. It is an approach to authentication that requires the presentation of two different kinds of evidence that someone is who they say they are. From a security perspective, the idea is to use evidence with separate ranges of attack vectors (e.g. logical, physical), leading to a more complex attack scenario and consequently lower risk. It is commonly found in electronic computer authentication, where basic authentication is the process of a requesting entity presenting some evidence of its identity to a second entity. It seeks to decrease the probability that the requester is presenting false evidence of its identity.
Two Factor Authentication could drastically reduce the incidence of online identity theft and reduce other online fraud, because the victim's password would no longer be enough to give a thief permanent access to their information. The project requires the system to function as a multi-user system. It should be based on the specified technology. The system under study must be portable and platform independent. The software needed to develop the system is JavaScript support, socket programming, remote database, XML, etc., which is easily available.
The proposed system offers user friendliness, great understandability, fewer restrictions on companies, and simplicity. The operations of this application are very simple, and handling it does not need much training, so the system is operationally feasible. There is no need for much initial investment in software or hardware. The total cost is reduced to the maximum extent because the cost that would be spent on service providers' gateways is not incurred here. The system is economically feasible because of the reduced cost compared to the existing system.
The protocols are based on the DDH protocols but have fewer message exchanges than the PP-TAKE protocol. This protocol provides identity privacy. It also provides only half forward secrecy, as it can ensure forward secrecy only at the client side and not at the server. During system design, the problem domain is moved to the solution domain. The output of the design phase is a design document, which is used for the later implementation of the project. In system design, the specifications of the client requirements are studied and we identify how the client interacts with the system. Based on this, the input and output formats, the major modules in the system and the desired results are identified. Suitable software and hardware specifications are chosen accordingly.
The GUI of the software is created using a Java Applet. It has options for entering the remote machine address, port number and RSA key length. It has buttons that allow the user to connect, listen, send data, receive data, generate a key and disconnect. It has a text field for entering the user's message. Outputs are the most important and direct source of information for the consumer and the administrator. Intelligent output design will improve the system's relationship with the user and help in decision making. The GUI has a conversation panel to display the connection information, remote messages and information for the user.
Mutual authentication is performed between the server and the client, and a session key is also generated. This module consists of 4 sub-modules. During mutual authentication:
- A computes the session key sk = h(c, r, IDA).
- A and B share the session key sk.
- A computes MB = h(sk, p, t, IDA), compares it with MB = h(sk, p, t, ys), and sends it to B.
During mutual authentication by B:
- B computes MA = h(sk, p, t, ys) and compares it with the MA sent by A.
- If so, B authenticates A as a legitimate user.
- Now a mutual authentication between A and B is completed.
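The session-key derivation and B's check of MA described above, as an added Python example that is not the project's own code. It assumes SHA-256 for h and a length-prefixed encoding of the hashed fields; the page does not define c, r, p, t or ys, so they are treated as opaque byte strings with constructed sample values.

```python
import hashlib
import hmac
import struct


def h(*fields: bytes) -> bytes:
    """h(...) from the text, instantiated with SHA-256 (assumption).

    Each field is length-prefixed so that ("ab", "c") and ("a", "bc")
    can never produce the same hash input.
    """
    digest = hashlib.sha256()
    for field in fields:
        digest.update(struct.pack(">I", len(field)))
        digest.update(field)
    return digest.digest()


def session_key(c: bytes, r: bytes, id_a: bytes) -> bytes:
    # sk = h(c, r, IDA)
    return h(c, r, id_a)


def make_ma(sk: bytes, p: bytes, t: bytes, ys: bytes) -> bytes:
    # MA = h(sk, p, t, ys), computed by A and sent to B
    return h(sk, p, t, ys)


def b_verifies_a(received_ma, c, r, id_a, p, t, ys) -> bool:
    # B derives sk and MA from its own copies of the values and compares
    # in constant time, so the check does not leak how many bytes matched.
    expected = make_ma(session_key(c, r, id_a), p, t, ys)
    return hmac.compare_digest(expected, received_ma)


# Constructed sample values (hypothetical; not taken from the page).
C, R, ID_A = b"c-value", b"r-value", b"alice"
P, T, YS = b"p-value", b"t-value-1", b"ys-value"


def demo() -> dict:
    ma = make_ma(session_key(C, R, ID_A), P, T, YS)
    return {
        "honest": b_verifies_a(ma, C, R, ID_A, P, T, YS),
        "wrong_identity": b_verifies_a(ma, C, R, b"mallory", P, T, YS),
        "changed_t": b_verifies_a(ma, C, R, ID_A, P, b"t-value-2", YS),
        "shifted_boundary": h(b"ab", b"c") == h(b"a", b"bc"),
    }


if __name__ == "__main__":
    print(demo())
```

Because IDA is an input to sk, a tag computed for one identity fails verification under any other, and changing any single input to MA makes B reject it.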
Key Exchange Stage - The generated keys are exchanged. A and B each produce their own session keys. These are exchanged at various stages of authentication in order to check their validity.
Successful/Unsuccessful Login stage - The user login is checked and verified as successful or not, based on the information provided by the user. The server checks the details and, if the information is found to be correct, the user is allowed to log in successfully; otherwise it shows Unsuccessful Login.