Multi-Seed Base Authentication

Nader Nassar, Pace University

Abstract

Multi-Seed Base Authentication, MSBA, an authentication protocol presented in this research, improves many of the shortcomings of the existing authentication protocols. In addition, it identifies new spaces of entropy sources that could enhance the generation of seeds and tokens in the pseudo random number generation domain. This thesis includes a study and a protocol on using image file as an entropy source to generate the seeds used by the pseudo random number generators in order to produce tokens. A protocol to communicate dynamic multiple tokens between a client and a server in a challenge response fashion and also a study on the effect of using S/Key scheme on improving the security of the proposed protocol. A set of experiments was conducted to analyze the proposed protocols. Using a set of 14,000 images of distinct individuals, we ran experiments using the proposed authentication protocol to study the accuracy and performance of the proposed authentication method. In addition, using the same set of images, we experimented the use of pixel-based entropy to generate the needed seeds. The result of the experiments confirmed that MSBA is a dynamic and secure authentication protocol that alleviates many threats and usability concerns that are associated with most of the common authentication methods. The simulation conducted also asserted that the use of dynamic seeds generated from user data such as image files provides a larger entropy space because the dynamic generation of the seeds and the token proved to be more secure than both text and graphical based password solutions.

Subject Area

Computer science

Recommended Citation

Nassar, Nader, "Multi-Seed Base Authentication" (2016). ETD Collection for Pace University. AAI10603857.
https://digitalcommons.pace.edu/dissertations/AAI10603857

Share

COinS

Remote User: Click Here to Login (must have Pace University remote login ID and password. Once logged in, click on the View More link above)