Abstract: The use of Automated Teller Machine (ATM) has become an important tool among commercial banks, customers of banks have come to depend on and trust the ATM conveniently meet their banking needs. Although the overwhelming advantages of ATM cannot be over-emphasized, its alarming fraud rate has become a bottleneck in it’s full adoption in Nigeria. This study examined the menace of ATM in the society another cost of running ATM services by banks in the country. The researcher developed a prototype of an enhanced Automated Teller Machine Authentication using Short Message Service (SMS) Verification. The developed prototype was tested by Ten (10) respondents who are users of ATM cards in the country and the data collected was analyzed using Statistical Package for Social Science (SPSS). Based on the results of the analysis, it is being envisaged that the developed prototype will go a long way in reducing the alarming rate of ATM fraud in Nigeria.
Abstract: The multimodal biometric identification is the combination of several biometric systems; the challenge of this combination is to reduce some limitations of systems based on a single modality while significantly improving performance. In this paper, we propose a new approach to the construction and the protection of a multimodal biometric database dedicated to an identification system. We use a topological watermarking to hide the relation between face image and the registered descriptors extracted from other modalities of the same person for more secure user identification.
Abstract: Three-party password authenticated key exchange (3PAKE) protocols are widely deployed on lots of remote user authentication system due to its simplicity and convenience of maintaining a human-memorable password at client side to achieve secure
communication within a hostile network. Recently, an improvement of 3PAKE protocol by processing a built-in data attached to other party for identity authentication to individual data was proposed by some researchers. However, this paper points out that the improved 3PAKE protocol is still vulnerable to undetectable on-line dictionary attack and off-line dictionary attack.
Abstract: The Choquet integral is a tool for the information fusion that is very effective in the case where fuzzy measures associated with it are well chosen. In this paper, we propose a new approach for calculating fuzzy measures associated with the Choquet integral in a context of data fusion in multimodal biometrics. The proposed approach is based on genetic algorithms. It has been validated in two databases: the first base is relative to synthetic scores and the second one is biometrically relating to the face, fingerprint and palmprint. The results achieved attest the robustness of the proposed approach.
Abstract: Signature amortization schemes have been introduced
for authenticating multicast streams, in which, a single signature is
amortized over several packets. The hash value of each packet is
computed, some hash values are appended to other packets, forming
what is known as hash chain. These schemes divide the stream into
blocks, each block is a number of packets, the signature packet in
these schemes is either the first or the last packet of the block.
Amortization schemes are efficient solutions in terms of computation
and communication overhead, specially in real-time environment.
The main effictive factor of amortization schemes is it-s hash chain
construction. Some studies show that signing the first packet of each
block reduces the receiver-s delay and prevents DoS attacks, other
studies show that signing the last packet reduces the sender-s delay.
To our knowledge, there is no studies that show which is better, to
sign the first or the last packet in terms of authentication probability
and resistance to packet loss.
In th is paper we will introduce another scheme for authenticating
multicast streams that is robust against packet loss, reduces the
overhead, and prevents the DoS attacks experienced by the receiver
in the same time. Our scheme-The Multiple Connected Chain signing
the First packet (MCF) is to append the hash values of specific
packets to other packets,then append some hashes to the signature
packet which is sent as the first packet in the block. This scheme
is aspecially efficient in terms of receiver-s delay. We discuss and
evaluate the performance of our proposed scheme against those that
sign the last packet of the block.
Abstract: It is well-known that in wireless local area networks,
authenticating nodes by their MAC addresses is not secure since it is
very easy for an attacker to learn one of the authorized addresses and
change his MAC address accordingly. In this paper, in order to
prevent MAC address spoofing attacks, we propose to use
dynamically changing MAC addresses and make each address usable
for only one session. The scheme we propose does not require any
change in 802.11 protocols and incurs only a small performance
overhead. One of the nice features of our new scheme is that no third
party can link different communication sessions of the same user by
monitoring MAC addresses therefore our scheme is preferable also
with respect to user privacy.
Abstract: Current proposals for E-passport or ID-Card is similar to a regular passport with the addition of tiny contactless integrated circuit (computer chip) inserted in the back cover, which will act as a secure storage device of the same data visually displayed on the photo page of the passport. In addition, it will include a digital photograph that will enable biometric comparison, through the use of facial recognition technology at international borders. Moreover, the e-passport will have a new interface, incorporating additional antifraud and security features. However, its problems are reliability, security and privacy. Privacy is a serious issue since there is no encryption between the readers and the E-passport. However, security issues such as authentication, data protection and control techniques cannot be embedded in one process. In this paper, design and prototype implementation of an improved E-passport reader is presented. The passport holder is authenticated online by using GSM network. The GSM network is the main interface between identification center and the e-passport reader. The communication data is protected between server and e-passport reader by using AES to encrypt data for protection will transferring through GSM network. Performance measurements indicate a 19% improvement in encryption cycles versus previously reported results.
Abstract: Electronic banking must be secure and easy to use and
many banks heavily advertise an apparent of 100% secure system
which is contestable in many points. In this work, an alternative
approach to the design of e-banking system, through a new solution
for user authentication and security with digital certificate called
LumaCert is introduced. The certificate applies new algorithm for
asymmetric encryption by utilizing two mathematical operators
called Pentors and UltraPentors. The public and private key in this
algorithm represent a quadruple of parameters which are directly
dependent from the above mentioned operators. The strength of the
algorithm resides in the inability to find the respective Pentor and
UltraPentor operator from the mentioned parameters.
Abstract: In recent years, it has been proposed security
architecture for sensor network.[2][4]. One of these, TinySec by Chris
Kalof, Naveen Sastry, David Wagner had proposed Link layer security
architecture, considering some problems of sensor network. (i.e :
energy, bandwidth, computation capability,etc). The TinySec employs
CBC_mode of encryption and CBC-MAC for authentication based on
SkipJack Block Cipher. Currently, This TinySec is incorporated in the
TinyOS for sensor network security.
This paper introduces TinyHash based on general hash algorithm.
TinyHash is the module in order to replace parts of authentication and
integrity in the TinySec. it implies that apply hash algorithm on
TinySec architecture. For compatibility about TinySec, Components
in TinyHash is constructed as similar structure of TinySec. And
TinyHash implements the HMAC component for authentication and
the Digest component for integrity of messages. Additionally, we
define the some interfaces for service associated with hash algorithm.
Abstract: In this paper a Public Key Cryptosystem is proposed
using the number theoretic transforms (NTT) over a ring of integer
modulo a composite number. The key agreement is similar to
ElGamal public key algorithm. The security of the system is based on
solution of multivariate linear congruence equations and discrete
logarithm problem. In the proposed cryptosystem only fixed numbers
of multiplications are carried out (constant complexity) and hence the
encryption and decryption can be done easily. At the same time, it is
very difficult to attack the cryptosystem, since the cipher text is a
sequence of integers which are interrelated. The system provides
authentication also. Using Mathematica version 5.0 the proposed
algorithm is justified with a numerical example.
Abstract: Iris-based biometric system is gaining its importance in several applications. However, processing of iris biometric is a challenging and time consuming task. Detection of iris part in an eye image poses a number of challenges such as, inferior image quality, occlusion of eyelids and eyelashes etc. Due to these problems it is not possible to achieve 100% accuracy rate in any iris-based biometric authentication systems. Further, iris detection is a computationally intensive task in the overall iris biometric processing. In this paper, we address these two problems and propose a technique to localize iris part efficiently and accurately. We propose scaling and color level transform followed by thresholding, finding pupil boundary points for pupil boundary detection and dilation, thresholding, vertical edge detection and removal of unnecessary edges present in the eye images for iris boundary detection. Scaling reduces the search space significantly and intensity level transform is helpful for image thresholding. Experimental results show that our approach is comparable with the existing approaches. Following our approach it is possible to detect iris part with 95-99% accuracy as substantiated by our experiments on CASIA Ver-3.0, ICE 2005, UBIRIS, Bath and MMU iris image databases.
Abstract: Because of the great advance in multimedia
technology, digital multimedia is vulnerable to malicious
manipulations. In this paper, a public key self-recovery block-based
video authentication technique is proposed which can not only
precisely localize the alteration detection but also recover the missing
data with high reliability. In the proposed block-based technique,
multiple description coding MDC is used to generate two codes (two
descriptions) for each block. Although one block code (one
description) is enough to rebuild the altered block, the altered block
is rebuilt with better quality by the two block descriptions. So using
MDC increases the ratability of recovering data. A block signature is
computed using a cryptographic hash function and a doubly linked
chain is utilized to embed the block signature copies and the block
descriptions into the LSBs of distant blocks and the block itself. The
doubly linked chain scheme gives the proposed technique the
capability to thwart vector quantization attacks. In our proposed
technique , anyone can check the authenticity of a given video using
the public key. The experimental results show that the proposed
technique is reliable for detecting, localizing and recovering the
alterations.
Abstract: This work presents a new approach of securing a
wireless network. The configuration is focused on securing &
Protecting wireless network traffic for a small network such as a
home or dorm room. The security Mechanism provided both
authentication, allowing only known authorized users access to the
wireless network, and encryption, preventing anyone from reading
the wireless traffic. The mentioned solution utilizes the open source
free S/WAN software which implements the Internet Protocol
Security –IPSEC. In addition to wireless components, wireless NIC
in PC and wireless access point needs a machine running Linux to act
as security gateway. While the current configuration assumes that the
wireless PC clients are running Linux, Windows XP/VISTA/7 based
machines equipped with VPN software which will allow to interface
with this configuration.
Abstract: Providing authentication for the messages exchanged
between group members in addition to confidentiality is an important
issue in Secure Group communication. We develop a protocol for
Secure Authentic Communication where we address authentication
for the group communication scheme proposed by Blundo et al.
which only provides confidentiality. Authentication scheme used is a
multiparty authentication scheme which allows all the users in the
system to send and receive messages simultaneously. Our scheme is
secure against colluding malicious parties numbering fewer than k.
Abstract: IPsec has now become a standard information security
technology throughout the Internet society. It provides a well-defined
architecture that takes into account confidentiality, authentication,
integrity, secure key exchange and protection mechanism against
replay attack also. For the connectionless security services on packet
basis, IETF IPsec Working Group has standardized two extension
headers (AH&ESP), key exchange and authentication protocols. It is
also working on lightweight key exchange protocol and MIB's for
security management. IPsec technology has been implemented on
various platforms in IPv4 and IPv6, gradually replacing old
application-specific security mechanisms. IPv4 and IPv6 are not
directly compatible, so programs and systems designed to one
standard can not communicate with those designed to the other. We
propose the design and implementation of controlled Internet security
system, which is IPsec-based Internet information security system in
IPv4/IPv6 network and also we show the data of performance
measurement. With the features like improved scalability and
routing, security, ease-of-configuration, and higher performance of
IPv6, the controlled Internet security system provides consistent
security policy and integrated security management on IPsec-based
Internet security system.
Abstract: In this paper, a novel multipurpose audio watermarking
algorithm is proposed based on Vector Quantization (VQ) in Discrete
Cosine Transform (DCT) domain using the codeword labeling and
index-bit constrained method. By using this algorithm, it can fulfill the
requirements of both the copyright protection and content integrity
authentication at the same time for the multimedia artworks. The
robust watermark is embedded in the middle frequency coefficients of
the DCT transform during the labeled codeword vector quantization
procedure. The fragile watermark is embedded into the indices of the
high frequency coefficients of the DCT transform by using the
constrained index vector quantization method for the purpose of
integrity authentication of the original audio signals. Both the robust
and the fragile watermarks can be extracted without the original audio
signals, and the simulation results show that our algorithm is effective
with regard to the transparency, robustness and the authentication
requirements
Abstract: Iris-based biometric authentication is gaining importance
in recent times. Iris biometric processing however, is a complex
process and computationally very expensive. In the overall processing
of iris biometric in an iris-based biometric authentication system,
feature processing is an important task. In feature processing, we extract
iris features, which are ultimately used in matching. Since there
is a large number of iris features and computational time increases
as the number of features increases, it is therefore a challenge to
develop an iris processing system with as few as possible number of
features and at the same time without compromising the correctness.
In this paper, we address this issue and present an approach to feature
extraction and feature matching process. We apply Daubechies D4
wavelet with 4 levels to extract features from iris images. These
features are encoded with 2 bits by quantizing into 4 quantization
levels. With our proposed approach it is possible to represent an
iris template with only 304 bits, whereas existing approaches require
as many as 1024 bits. In addition, we assign different weights to
different iris region to compare two iris templates which significantly
increases the accuracy. Further, we match the iris template based on
a weighted similarity measure. Experimental results on several iris
databases substantiate the efficacy of our approach.
Abstract: In this paper we describes the authentication for DHCP
(Dynamic Host Configuration Protocol) message which provides the
efficient key management and reduces the danger replay attack without
an additional packet for a replay attack. And the authentication for
DHCP message supports mutual authentication and provides both
entity authentication and message authentication. We applied the
authentication for DHCP message to the home network environments
and tested through a home gateway.
Abstract: Quantum cryptography offers a way of key agreement,
which is unbreakable by any external adversary. Authentication is
of crucial importance, as perfect secrecy is worthless if the identity
of the addressee cannot be ensured before sending important information.
Message authentication has been studied thoroughly, but no
approach seems to be able to explicitly counter meet-in-the-middle
impersonation attacks. The goal of this paper is the development of
an authentication scheme being resistant against active adversaries
controlling the communication channel. The scheme is built on top
of a key-establishment protocol and is unconditionally secure if built
upon quantum cryptographic key exchange. In general, the security
is the same as for the key-agreement protocol lying underneath.
Abstract: Recently, Jia et al. proposed a remote user authentication scheme using bilinear pairings and an Elliptic Curve Cryptosystem (ECC). However, the scheme is vulnerable to privileged insider attack at their proposed registration phase and to forgery attack at their proposed authentication phase. In addition, the scheme can be vulnerable to server spoofing attack because it does not provide mutual authentication between the user and the remote server. Therefore, this paper points out that the Jia et al. scheme is vulnerable to the above three attacks.