A Practical Password based Two Server Authentication and Key Exchange System 1.ABSTRACT Most password-based user authentication systems place total trust on the authentication server where clear text passwords or easily derived password verification data are stored in a central database. Such systems are, thus, by no means resilient against offline dictionary attacks initiated at the server side. Compromise of the authentication server by either outsiders or insiders subjects all user passwords to exposure and may have serious legal and financial repercussions to an organization. Recently, several multiserver password systems were proposed to circumvent the single point of vulnerability inherent in the single-server architecture. However, these multiserver systems are difficult to deploy and operate in practice since either a user has to communicate simultaneously with multiple servers or the protocols are quite expensive. In this project, a practical password-based user authentication and key exchange system employing novel two-server architecture is proposed. This system has a number of appealing features, only a front-end service server engages directly with users while a control server stays behind the scene; therefore, it can be directly applied to strengthen existing single-server password systems. In addition, the system is secure against offline dictionary attacks mounted by either of the two servers. 1
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
A Practical Password based Two Server Authentication and Key Exchange System
1. ABSTRACT
Most password-based user authentication systems place total trust on the
authentication server where clear text passwords or easily derived password verification
data are stored in a central database. Such systems are, thus, by no means resilient against
offline dictionary attacks initiated at the server side. Compromise of the authentication
server by either outsiders or insiders subjects all user passwords to exposure and may
have serious legal and financial repercussions to an organization. Recently, several
multiserver password systems were proposed to circumvent the single point of
vulnerability inherent in the single-server architecture. However, these multiserver
systems are difficult to deploy and operate in practice since either a user has to
communicate simultaneously with multiple servers or the protocols are quite expensive.
In this project, a practical password-based user authentication and key exchange system
employing novel two-server architecture is proposed. This system has a number of
appealing features, only a front-end service server engages directly with users while a
control server stays behind the scene; therefore, it can be directly applied to strengthen
existing single-server password systems. In addition, the system is secure against offline
dictionary attacks mounted by either of the two servers.
1
A Practical Password based Two Server Authentication and Key Exchange System
2. SCOPE OF THE PROJECT
A Practical Password-based Two-Server Authentication and Key Exchange System
comprises of two servers by which only a front-end service server appears and deals with
the users where as the second server(control server) stays behind the scene strengthen
existing single-server password systems. In this system the password chosen by the users
has been stored in two servers but appears to be the experience of a single server. The
public server acts as a service server that provides application services, while the back-
end server is a control server whose sole purpose is to assist the service server in user
authentication.
2
A Practical Password based Two Server Authentication and Key Exchange System
3. INTRODUCTION
3.1 INTRODUCTION TO PROJECT:
Password Authentication is the most widely used method. Password based
encrypted key exchange protocols are designed to provide users to communicate over an
unreliable channel with a secure session key. These systems are easy to use and are low
cost. Password authentication requires no dedicated devices like smart cards. Password
based user authentication systems total trust is based on the authentication server, which
performs password verification data (PVD) derived from central database. With the
password the client authenticates himself to the server. The user can simply send the
password to the server, which validates the received password. For security reasons, the
password should be encrypted before it is transferred. Passwords are easy to remember
but inherently weak because most passwords are selected from dictionary, so it allows for
brute-force attacks called dictionary attacks.
The attackers try with possible password from dictionary. Dictionary attacks are
classified as offline and online attacks. In case of online attack, attackers attempt to log in
to the server by trying all passwords from dictionary, but in case of offline attack;
attackers store all past successful login session between a user and a server and then
check the passwords in the dictionary against the login transcript. In the most rigorous
password-only security models, there is no requirement for the user of the method to
remember any secret or public data other than the password.
Most password-based authentication systems employ a Secure Socket Layer
(SSL) connection is established first between the client and the server and then a
password is sent to the server via SSL connection for client-side authentication. Since
each SSL session establishes a random session key by which the password is encrypted, if
an attacker eavesdrops the encrypted password, attacker will not be able to replay it. The
two server systems that are available for password authentication exposes one server to
users and the other is hidden from public. In the proposed system the hidden server is
made public there by the number of users are increased by two way authentication and
also by efficiently using the control server.
3
A Practical Password based Two Server Authentication and Key Exchange System
3.2 PROBLEM SPECIFICATION:
Problem Statement:
Most password-based user authentication systems place total trust on the
authentication server where clear text passwords or easily derived password verification
data are stored in a central database. Such systems are, thus, by no means resilient against
offline dictionary attacks initiated at the server side. Compromise of the authentication
server by either outsiders or insiders subjects all user passwords to exposure and may
have serious legal and financial repercussions to an organization.
Description of Organization:
Passwords are the most common method of authentication used to control
access to digital resources. They are also the easiest way to gain unauthorized access to
these resources. Armed with password cracking software, an intruder can discover a
dictionary word password, or simple variation, in a matter of seconds. When you consider
how much information is protected solely by passwords, it quickly becomes clear that
good passwords are vital to preserving confidentiality.
Passwords must be protected against unauthorized disclosure, modification, & removal.
There are two ways of attacking passwords:
1. Password guessing
2. Password cracking
1. Password Guessing:
Password guessing is guessing the password when a valid user ID is known. It can be
done either manually or automatically, submitting the password of a particular user. For
example, if the user ID is John attacker tries Jack and some other password until finds one
or locked out. In any case, complex passwords provide protection against this type of
attack.
4
A Practical Password based Two Server Authentication and Key Exchange System
2. Password Cracking:
Password cracking is done using a copy of the system file that stores account
passwords in encrypted form. All current operating systems store passwords in an
encrypted form by running the passwords through a one way hash. The hash is then
stored, not the clear text password.
There are three types of cracking attacks:
1. Dictionary attacks
2. Brute force attacks
3. Hybrid attacks
1. Dictionary attacks:
If dictionary words are used as passwords, they can be readily broken, even when
encrypted. That's because software has been created that gives the intruder the ability to
take an entire dictionary's worth of words, run it through various encryption algorithms,
and compare the results with the encrypted password file. If a match is found to the
password hash, the cracker works backswords to discover what the password is. Simply
put, dictionary words offer no protection at all as passwords. If you are thinking of using
foreign words, forget it.
2. Brute force attacks:
A brute force attack tries every possible combination of letter, number, and
punctuation value and format. A brute force attack will always succeed in cracking a
password hash. However, depending on the strength of the password, the hashing
formula, and the speed of the computer, it could take many years to crack some
passwords. In our proposed system the Bit length of |h|, |n| and |p| are minimum of 64 bits
length so the intruders could take a years to crack them.
5
A Practical Password based Two Server Authentication and Key Exchange System
3. Hybrid attacks:
Hybrid attacks build on dictionary attacks by adding or substituting other
characters or numbers for certain letters in dictionary words. Many people perform a
simple substitution, or propend or append a character to a dictionary word to create a
password (e.g., Kris123). The number of messages between the servers and client are
higher than basic and improved protocol there by the intruders has to trap are messages
and has to calculate are the exponentiation which higher than 64 bits. Each time the user
authentication is done by selecting a random number from the Quadratic residue set
which is in turn form from random number that is chosen at each time of login. Therefore,
the intruder reaches different values each time which may take a long time for him to
reach the value.
3.3 COMPANY PROFILE:
In this world of increasing globalization, Our Company moves forward to meet the
challenges of the future through the development of R & D projects in various domains. R
& D project sector attracts the most prominent thinkers and practitioners in a range of
fields that impinge on development. The global presence and reach attained by us are not
only substantiated by its presence, but also in terms of the training students in R & D
project development.
Over the decade, provides a wide range of R & D project development training. Our
uniqueness lies in the exclusive R & D project development. Accordingly, we created a
setting that is enabling, dynamic and inspiring for the increase of solutions to global
problems by R & D project development. Developing appropriate, responsible, innovative
and practical solutions to students, by assisting in R & D project development. All our
research is stranded in the need to provide an industry based training for students.
About team
Our team consists of enthusiastic experts, drawn from a range of disciplines and
experience, supported by infrastructure and facilities, which are world class and
distinctively state-of-the-art.
6
A Practical Password based Two Server Authentication and Key Exchange System
The strength of the organization lies in not only identifying and articulating
intellectual challenges across a number of disciplines of knowledge but also in mounting
research, training and demonstration projects leading to development of specific problem-
based advanced technologies. The organization growth has been evolutionary, driven by a
vision of the future and ingrained in challenges frightening today. The organization
continues to grow in size, spread and intensity of work undertaken. Our experts are
involved in a wide range of R & D project development training to student wishing to
undertake professional development, or just wanting to learn about a new subject or area
of study.
About R & D
Research and development Training makes students to understand new concepts,
understand the strength and far reaching potential of your conception. It helps student to
understand and prepare for the future of your technology.
Vision
Our vision doesn't begin and end with the execution of R & D projects. The main
intension is to provide world-class training to the students in R & D project development
by sharing our knowledge and expertise to create value is our ultimate goal.
7
A Practical Password based Two Server Authentication and Key Exchange System
4. SYSTEM ANALYSIS
4.1 EXISTING SYSTEM:
Single Server Model:
Fig: 4.1.1 Single Server Model
In Single server system, the user communicates with one server where the server validates
against the password available in the central database and allows the user. But, this
system has higher chance of attacks from intruders. The user authentication is done only
by a single server which less secure than two server.
Multi-Server Model:
Fig: 4.1.2 Multi-server model
In the Multi server systems user communicate with servers in parallel by establishing the
connection with all the servers. The users have to communicate with all the servers for
authentication simultaneously so there is demand on communication bandwidth and the
need for synchronization.
8
A Practical Password based Two Server Authentication and Key Exchange System
Gateway Multi-Server Model:
Fig: 4.1.3 Gateway multi-server model
In the Gateway augmented multi server model, the gateway server is positioned between
user and the multiple servers. The users have to communicate only with the gateway so it
removes the demand of simultaneous communications by user with multiple servers.
There is an additional layer “gateway” in the architecture where gateway acts as rely
messages between user and servers. It does similar to that of multi server.
DISADVANTAGES:
The single server results in a single point of vulnerability in terms of offline
dictionary attacks against the user password database.
The main problem with the plain multiserver model is the demand on
communication bandwidth and the need for synchronization at the user side since
a user has to engage in simultaneous communications with multiple servers. From
security perspective, more components generally imply more points of
vulnerabilities.
9
A Practical Password based Two Server Authentication and Key Exchange System
4.2 PROPOSED SYSTEM:
Two Server Model:
In serial communication, the user establishes the connection with the server in
series. It includes Two Server Systems
.
Fig: 4.2.1 Two Server Model
In Two server systems, the user is allowed to communicate with single system, public
server where as the other system is the back-end server or the control server used for
authentication only. The important difference between the two server and the multi server
models:
A user ends up establishing a session key only with the public server where in multi
server model a user establishes a session key with each of the servers.
ADVANTAGES:
It is clear that the two-server model has successfully eliminated drawbacks in the
plain multiserver model (i.e., simultaneous communications between a user and
multiple servers) and the gateway augmented multiserver model (i.e., redundancy)
while allowing us to distribute user passwords and the authentication functionality
to two servers in order to eliminate a single point of vulnerability in the single-
server model.
In the Proposed System, the public server acts as a service server that provides
application services, while the back-end server is a control server whose sole
purpose is to assist the service server in user authentication (the service server, of
course, also participates in user authentication). This enforces clear separation of
duty in our system.
10
A Practical Password based Two Server Authentication and Key Exchange System
5. FEASIBILITY STUDY
Many feasibility studies are disillusioning for both users and analysts. First, the
study often presupposes that when feasibility document is being prepared, the analyst is in
a position to evaluate solutions. Second, most studies tend to overlook the confusion
inherent in the system development – the constraints and the assumed attitudes. If the
feasibility study is to serve as a decision document for a project, it must answer 3 key
questions:
Three key considerations involved in the feasibility analysis:
1. Economical Feasibility
2. Technical Feasibility
3. Behavioral Feasibility
5.1 ECONOMIC FEASIBILITY:
This application on the client side has been developed using J2EE, which is open
source software. The hardware required are two servers, which is not expensive. Hence
the application is economically feasible.
5.2 TECHNICAL FEASIBILITY:
As the application has been developed using J2EE and the back end as MS-
Access, which utilize minimum resources of the Personal computer, this project is
technically feasible.
5.3 BEHAVIORAL FEASIBILITY:
This project has been implemented by J2EE and it satisfies all the conditions and
norms of the organization and the users.
11
A Practical Password based Two Server Authentication and Key Exchange System
5.4 TECHNICAL ANALYSIS:
Technical analysis involves the evaluation of the technical merits of the system,
which should envelope, the following aspects:
Short term implementation consideration
Long term implementation consideration
Technical analysis begins with the assessment of the technical viability of the
technologies, the methods, employed and the risk involved in their development. The
proposed system employees advanced technology such as J2EE and other technical
resources, which are time tested and available. The technologies plain and simple on the
development side and are profound and robust on the implementation side that is worth
employing. The above discussion vaporizes any doubts expressed regarding viability of
the system.
12
A Practical Password based Two Server Authentication and Key Exchange System
6. SOFTWARE REQUIREMENT SPECIFICATIONS
Software requirements specification is the starting point of software development
activity. It is the most difficult and error prone task. The SRS is the means of translating
the ideas in the minds of clients (the input), into a formal document (the output of the
requirement phase).
6.1 INTRODUCTION:
Purpose:
The SRS document purpose is to describe the nominal and other
requirements of the system that validates the employee (user) and allow him to do his
office work.
Scope:
The locality of this application is limited to the user and the server; in this the
user gives his id and password to the server in order to login to the server. It provides the
authentication to the user by making it secure against the offline dictionary attacks.
6.2 USER REQUIREMENTS:
User must possess a valid user id and password for the purpose of authentication.
The user importantly must have a p.c. with a LAN network in order to gain the
authentication from the server.
13
A Practical Password based Two Server Authentication and Key Exchange System
6.3 SOFTWARE REQUIREMENTS:
Client Side:
Front End:
Operating system : Windows XP
Technology : Java
Server Side:
Front End:
Operating system : Windows XP/2000 or higher
Technology : Java using JSP, JDBC.
Back End:
Database : MS-Access
Web Server : Apache Tomcat
6.4 HARDWARE REQUIREMENTS:
Client Side:
Processor : Intel Pentium III or higher
Ram : 256 MB or higher
Hard disk : 40 GB hard disk
Network Connections : LAN
Server Side:
Processor : Intel Pentium IV or higher
Ram : 1GB or higher
Cache : 512 KB
Hard disk : 160 GB hard disk or higher
14
A Practical Password based Two Server Authentication and Key Exchange System
6.5 FUNCTIONAL REQUIREMENTS:
The project mainly contains the following modules
1. User Registration
2. Password Authentication
3. Key Exchange
4. Server Development
1. User Registration:
The user must enter the id and password to register into the database after
registering the user will login into the server using the registered id and password.
2. Password Authentication:
After giving his id and password, the password is send to the service server and
the service server collects the remaining password from the control server and checks
whether the user is valid or not.
3. Key Exchange:
`In this the user sends his password to the service server and the service server
divides the password into two halves , one half is send to the control server and remaining
part is kept with the service server. In this the password is exchanged between the two
servers, if the password is valid the control server gives the authentication report to the
service server and then the service server provides the authentication to the user.
4. Server Development:
In this module we will develop a service server that should interacts with the
clients and we will develop a control server will only have the interaction with service
server but not with the clients.
15
A Practical Password based Two Server Authentication and Key Exchange System
6.6 PERFORMANCE REQUIREMENTS:
Static Requirements:
These are the requirements that are essential for the better performance of the
system before the system gets executed. These include the number of users to be
supported, number of parallel instructions to be processed.
The server side computer should highly configure with a memory capacity to
support the kick off of many parallel instructions.
Dynamic Requirements:
The servers must be configured to support a vast number of users.
6.7 INTRODUCTION TO JAVA
Security:
Every time you download a “normal” program, you are getting risk with a viral
infection. Prior to java, most users did not download executable programs frequently. In
addition, another type of malicious program exists that must be guarded against. This type
of program can gather private information, such as credit card numbers, bank account
balances, and passwords. Java answers both these concerns by providing a “firewall”
between a network application and your computer.
Portability:
For programs to be dynamically downloaded to all the types of platforms
connected to the internet, some means of generating portable executable code is needed.
As you will see, the same mechanism that helps ensure security also helps create
portability. Indeed, java’s solution to these two problems is both elegant and efficient.
16
A Practical Password based Two Server Authentication and Key Exchange System
Platform Independent:
Platform independence, that means the ability of a program to move easily from
one computer system to another. It is one of the most significant advantages that Java has
over other programming languages. Java is platform independent at both the source and
the binary level.
Byte code:
The key that allows the java to solve the security and portability problems is that
the output of java compiler is byte code. Byte code is a highly optimized set of
instructions designed to be executed by the java run – time system, which is called the
java virtual machine (JVM). That is, in its standard form, the JVM is an interpreter for
byte code.
Java Applets:
Applets are a common way of writing Java applications. Integrating web based
sound and graphics into applications is simplified by using methods in Applet class.
Applets are essentially program that run from within a browser.
They appear as part of HTML documents in the same way that pictures are presented. The
major difference is that instead of a static graphics, the Java Applet is a complete running
program. An Applet is just like a widow application, but without a classic window frame.
The ranges of programs that can be written as an APPLET are reduced because of
security limitations imposed by the target browser. Applets run only from with in Java-
Enabled browsers such as NETSCAPE, hotJava, and INTERNET EXPLOSER.
Applet Life Cycle:
There are four methods that give the framework to build the applet
Init ()
Start ()
Stop ()
Destroy ()
17
A Practical Password based Two Server Authentication and Key Exchange System
Init():- Used for initial setup such as defining Layout, passing parameters and other
initializations.
Start():- This is called immediately after init () start () is called each time user return to
the pea or when the page is deconified. Unlike start, init is called only once.
Stop():- This method is called when the user moves off the page on which the Applet sits
or when it is confined. If an applet if not doing time consuming activities like performing
animation, this need not be implemented.
Destroy():- This method is called when the browser shuts down. It is used to re-claim
resources.
Introduction to Swings:
After working your way through this chapter and seeing the huge changes that
have occurred within the AWT (although, if you can remember back that far, Sun claimed
Java was a “stable” language when it first appeared), you might still have the feeling that
it’s not quite done. Sure, there’s now a good event model, and JavaBeans is an excellent
component reuse design. But the GUI components still seem rather minimal, primitive,
and awkward. That’s where Swing comes in. The Swing library appeared after Java 1.1
so you might naturally assume that it’s part of Java 1.2. However, it is designed to work
with Java 1.1 as an add-on. This way, you don’t have to wait for your platform to support
Java 1.2 in order to enjoy a good UI component library. Your users might actually need to
download the Swing library if it isn’t part of their Java 1.1 support, and this could cause a
few snags. But it works Swing contains all the components that you’ve been missing
throughout the rest of this chapter: those you expect to see in a modern UI, everything
from buttons that contain pictures to trees and grids. It’s a big library, but it’s designed to
have appropriate complexity for the task at hand – if something is simple, you don’t have
to write much code but as you try to do more your code becomes increasingly complex.
This means an easy entry point, but you’ve got the power if you need it.
Easy conversion:
If you’ve struggled long and hard to build your UI using Java 1.1, you don’t want
to throw it away to convert to Swing. Fortunately, the library is designed to allow easy
conversion – in many cases you can simply put a ‘J’ in front of the class names of each of
your old AWT components.
18
A Practical Password based Two Server Authentication and Key Exchange System
Tool tips:
Almost all of the classes that you’ll be using to create your user interfaces are
derived from JComponent, which contains a method called setToolTipText(String). So,
for virtually anything you place on your form, all you need to do is say (for an object jc of
any JComponent-derived class):
jc.setToolTipText("My tip");
when the mouse stays over that JComponent for a predetermined period of time, a
tiny box containing your text will pop up next to the mouse.
Borders:
JComponent also contains a method called set Border ( ), which allows you to
place various interesting borders on any visible component. The following example
demonstrates a number of the different borders that are available, using a method called
showBorder( ) that creates a JPanel and puts on the border in each case. Also, it uses
RTTI to find the name of the border that you’re using (stripping off all the path
information), then puts that name in a JLabel in the middle of the panel:
Buttons:
Swing adds a number of different types of buttons, and it also changes the
organization of the selection components: all buttons, checkboxes, radio buttons, and
even menu items are inherited from Abstract Button (which, since menu items are
included, would probably have been better named “AbstractChooser” or something
equally general).
The JButton looks like the AWT button, but there’s more you can do to it (like
add images, as you’ll see later). In com.sun.java.swing.basic, there is a BasicArrowButton
that is convenient, but what to test it on? There are two types of “spinners” that just beg to
be used with arrow buttons: Spinner, which changes an int value, and String Spinner,
which moves through an array of String (even automatically wrapping when it reaches the
end of the array).
19
A Practical Password based Two Server Authentication and Key Exchange System
The Action Listeners attached to the arrow buttons shows how relatively obvious
it is to use these spinners: you just get and set values, using method names you would
expect since they’re Beans. When you run the example, you’ll see that the toggle button
holds its last position, in or out. But the check boxes and radio buttons behave identically
to each other, just clicking on or off (they are inherited from JToggleButton).
Button groups:
If you want radio buttons to behave in an “exclusive or” fashion, you must add
them to a button group, in a similar but less awkward way as the old AWT. But as the
example below demonstrates, any Abstract Button can be added to a Button Group.
To avoid repeating a lot of code, this example uses reflection to generate the
groups of different types of buttons. This is seen in make Panel, which creates a button
group and a JPanel, and for each String in the array that’s the second argument to
makeBPanel( ), it adds an object of the class represented by the first argument.
Icons:
You can use an Icon inside a JLabel or anything that inherits from Abstract Button
(including JButton, JCheckbox, JradioButton, and the different kinds of JMenuItem).
Using Icons with JLabels is quite straightforward (you’ll see an example later). The
following example explores all the additional ways you can use Icons with buttons and
their descendants.
Menus:
Menus are much improved and more flexible in Swing – for example, you can use
them just about anywhere, including panels and applets. The syntax for using them is
much the same as it was in the old AWT, and this preserves the same problem present in
the old AWT: you must hard-code your menus and there isn’t any support for menus as
resources (which, among other things, would make them easier to change for other
languages). In addition, menu code gets long-winded and sometimes messy.
20
A Practical Password based Two Server Authentication and Key Exchange System
The following approach takes a step in the direction of solving this problem by
putting all the information about each menu into a two-dimensional array of Object (that
way you can put anything you want into the array). This array is organized so that the first
row represents the menu name, and the remaining rows represent the menu items and
their characteristics.
Popup Menus:
The implementation of JPopupMenu seems a bit strange: you must call enable
Events( ) and select for mouse events instead of using an event listener. That is, it’s
possible to add a mouse listener but the Mouse Event that comes through doesn’t return
true from
isPopupTrigger( ) – it doesn’t know that it should trigger a popup menu.8 In addition,
when I tried the listener approach it behaved strangely, possibly from recursive click
handling.
List Boxes and Combo Boxes:
List boxes and combo boxes in Swing work much as they do in the old AWT, but
they also have increased functionality if you need it. In addition, some conveniences have
been added. For example, the JList has a constructor that takes an array of Strings to
display (oddly enough this same feature is not available in JComboBox).
Sliders and Progress Bars:
A slider allows the user to input data by moving a point back and forth, which is
intuitive in some situations (volume controls, for example). A progress bar displays data
in a relative fashion from “full” to “empty” so the user gets a perspective.
21
A Practical Password based Two Server Authentication and Key Exchange System