Transcript of "Psdot 6 web based security analysis of opass authentication schemes using mobile application"
WEB BASED SECURITY ANALYSIS OF OPASS AUTHENTICATION SCHEMES USING MOBILE APPLICATIONOBJECTIVES: To develop web based security analysis of one Time passwordauthentication schemes using mobile application.PROBLEM DEFINITION Text password is the most popular form of user authentication on websitesdue to its convenience and simplicity. However, users’ passwords are prone to bestolen and compromised under different threats and vulnerabilities. Firstly, usersoften select weak passwords and reuse the same passwords across differentwebsites. Routinely reusing passwords causes a domino effect; when an adversarycompromises one password, she will exploit it to gain access to more websites.Second, typing passwords into untrusted computers suffers password thief threat.An adversary can launch several password stealing attacks to snatch passwords,such as phishing, key loggers and malware.
ABSTRACT: In this paper, we design a user authentication protocol named oPass whichleverages a user’s cellphone and short message service to thwart password stealingand password reuse attacks. OPass only requires each participating websitepossesses a unique phone number, and involves a telecommunication serviceprovider in registration and recovery phases. Through oPass, users only need toremember a long-term password for login on all websites. After evaluating theoPass prototype, we believe oPass is efficient and affordable compared with theconventional web authentication mechanisms.EXISTING SYSTEM: Captcha Based Login System Text Password Based Login System Cryptography based Login system Image based Login System. Biometric Based Login SystemDISADVANTAGE: Forget The Password So the user didn’t Login any one Website and he/she can’t access any information from that’s website. Reusing passwords causes a domino effect, when an adversary compromises one password, she will exploit it to gain access to more websites
Hacker Applying Random-Key Function/Method for Hacking the user passwordPROPOSED SYSTEM: The main Objective of OPass is free users from having to remember ortype any passwords into conventional computers for authentication. Unlike genericuser uthentication, oPass involves a new component, the cellphone, which is usedto generate one-time passwords and a new communication channel, SMS, which isused to transmit authentication messages.ADVANTAGE: Anti-malware Phishing Protection Secure Registration and Recovery Password Reuse Prevention and Weak Password Avoidance Cellphone ProtectionALGORITHM USED: 1. UK(Unique Key) Generation 2. Triple DES(Data Encryption Standard)
ARCHITECTURE DIAGRAM:SYSTEM REQUIREMENTS: 1. Hardware Requirements: Intel Pentium IV 256/512 MB RAM 1 GB Free disk space or greater 1 GB on Boot Drive 1 Network Interface Card (NIC) 2. Software Requirements: MS Windows XP
MS IE Browser 6.0/later MS Dot Net Framework 2.0 MS Visual Studio.NET 2005 MS SQL Server 2005 Language :ASP.Net(C#)APPLICATIONS Networking Online business Government sectors Military sectors