SAER

1. LOYOLA – ICAM
COLLEGE OF ENGINEERING AND TECHNOLOGY (LICET)
Loyola College Campus, Nungambakkam , Chennai – 34
PROJECT REVIEW :01/4/14
SECURE AUTHENTICATION MODEL FOR BANKING TRANSACTIONS
Done by Guide
Gavic Bikku George Mr.Remegius Pravin Sahayaraj
Mohammed Shamil
Divya Monica Magima

2. INTRODUCTION
• Electronic banking uses computer and electronic technology in place of checks
and other paper transactions to transfer details from one account to another.
•The contents which has to be transferred will contain all the bank account details
which are confidential.
•In order to maintain the confidentiality, secure algorithms should be used so that
no unauthorized user is able to access it.
•While computer systems today have some of the best security systems, they are
more exposed to attacks than ever before.
•Computer and network security comes in many forms, including encryption
algorithms, access to facilities, digital signatures, and using fingerprints and face
scans as passwords.
•The current technique used is Identity-Based mediated RSA(IB-mRSA) with the
one-time ID concept for the purpose of increasing security.

3. PROBLEM STATEMENT
•Online banking systems are becoming more desirable targets for attacks.
• In order to provide security and trust we use a modified model to
authenticate clients for online banking transactions through utilizing
Identity Based mediated RSA(IB-mRSA)technique in conjunction with the
one-time ID concept for the purpose of increasing security.
• The introduced system splits the private keys .
•Neither the client nor the CA can cheat one another since one-timeID can
be used only once and each signature must involve both parties.

4. CONCEPTS ADVANTAGE DISADVANTAGE
AES(Advanced Encryption
Standard) Algorithm
(otherwise known as Rijndael
algorithm)
- High efficiency not
complex high secure
- AES is faster in both
hardware and software.
 - It needs more
processing. It requires
more rounds of
communication
compared to DES.
DES(Data Encryption Standard)
Algorithm
- The most efficient
attack is still brute
force.
- It is fast in hardware.
- Hardware
implementations of
DES are very fast
- Relatively fast in
software.
- Software
implementation is slow.
- The 56-bit key size is
the biggest defect of
DES( if u want keep
this point)
RSA( Ron Rivest, Adi
Shamir and Leonard Adleman)
Algorithm
- The biggest advantage
is that it uses Public
Key Encryption.
- Due the use of Public
Key Encryption the
speed of the algorithm
is affected.
mRSA Algorithm - The private key is split
into two halves for
better security of the
message.
- More process required
for combining the
splited private key to
obtain the original
message.
COMPARISON OF CONCEPTS

5. EXISTING SYSTEM
The existing system consists of the private key and the public
key generation (i.e RSA technique)along with random key.It is
considered more vulnerable to attacks.In order to overcome
this we use an additional algorithm to the basic RSA algorithm.

6. PROPOSED SYSTEM
In the proposed system, in order to increase the level of security
we have integrated one time identity based (IB) algorithm along
with the mediated RSA(mRSA) concept forming IB-mRSA
algorithm and also the private key is split into two.

7. REQUIREMENT ANALYSIS
Hardware Requirements:
Developing Kit
Processor RAM Disk Space
Net Beans 7.1.2 Computer with a 2.6GHz
processor or higher
512MB Minimum Minimum 20 GB
Database
MySql 4.0 Intel Pentium processor at
2.6GHz or faster
Minimum 512 MB Physical
Memory; 1 GB Recommended
Minimum 20 GB

8. Software Requirements:
FRONT END Java Server Pages,
USER INTERFACE HTML, DHTML
BACK END My Sql , Heidi SQL
WEB SERVER Jakarta Apache Tomcat 6.0,
SCRIPTING LANGUAGE Java Script
WEB BROWSER Chrome
IDE Net Beans 7.1.2

9. OVERALL SYSTEM ARCHITECTURE

10. MODULES
• MODULE 1-CA
- The purpose of CA is to split the private keys into two parts, one for the client
and the other for the SEM.
• MODULE 2-Security Mediator (SEM)
- Security Mediator (SEM) module is an online partially trusted server.
- It creates a signature using the half private key from CA and the cntent sent from
the bank.
• MODULE 3-One-Time ID
- An attacker cannot specify who is communicating even when he eavesdrops on
one-time ID.
- One-time ID can be used only once
• MODULE 4-Key Generation
- The client sends a message to the CA containing the client’s identity (ID).
- The CA server checks the client‘s identity and if it is valid it geenrates the key.

11. SCREENSHOTS
Step1: Creating an account Step 2: Logging in

12. Step3 :One time password
generation
Step5: Your account is
successfully created

13. Step6 : Login to your
account
Step7: Deposit

14. Step 8: Transferring money to another account

15. Step 9: View Transactions

16. FUTURE WORKS
• The private key has been split into two parts inorder to
increase the security.
• Our future enhancement is to split the private key using
complex mathematical functions for increased security.