Using hashing and RSA algorithms for log-in authentication.

number: 
393
English
department: 
Degree: 
Imprint: 
Computer Science
Author: 
Esraa Izzt Salem AL-Na'ami
Supervisor: 
Dr. Taha S. Bashaga
Dr. Adeeb H. Sulaiman
year: 
2000
Abstract:

As the computer network spreading vastly, the need for login authentication is becoming an important issue. In this thesis we designed and implemented authentication protocols using Key hashing for Message Authentication Code (HMAC system) and RSA public-key cryptosystem to verify the users loggs into terminal computers are authorized or unauthorized for specific system. To achieve maximum authentication of these protocols. HMAC system is used in the first stage, that depends on a one-way hash function characteristic, it is easy to compute a hash value from pre-image, but it is hard to generate a pre-image that hashes to a particular value. To increase authentication, RSA public-kev cryptosystem is used in the second stage, which depends on the trap-door one-way function. The use of one-way hash functions in a HMAC system with RSA public-key cryptosystem is to compress any large file in a secure manner before encrypted with a private (secret) key. Three levels of authentication protocols have been used: higher level, medium level, and lower level. An input image is used in higher level authentication protocol; a coded word (message) is used as input to the medium level authentication protocol, while an input name (string) is used in the lower level uthentication protocol. Each of the three levels protocols consists of two stages. In the first stage, the user enters his/her image, code, or name with specific secret key to a protocol. This input processed by HMAC system with two rounds, the result compared with stored hashed (images, codes, names) files: if a comparison correct, the user is authorized and passes to the second stage; otherwise the loggin is rejected. The output of the first stage together with the user private key is used as input to the second stage. This input is processed by RSA public-key cryptosystem, and result the authorization of the user to enter the system if a decrypted encryption hashed (image, code, or name) matched the input to this stage; else the user is unauthorized and ejdts from a system.