By Topic

Cellular phone based web authentication system using 3-D encryption technique under stochastic framework

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Somsubhra Gupta ; Department of Information Technology, JIS College of Engineering, Kalyani-741235, India ; Soham Sengupta ; Mainak Bhattacharyya ; Sandip Chattrejee
more authors

This paper presents an approach to a user authentication system for web applications using JME enabled cellular phone as an authentication token. Most of the existing web based user authentication systems use user IDs and passwords to authenticate users. However, since its inception, the internet has been the witness to increasing number of attacks resulting sensitive information like user IDs, passwords and credit card details being stolen from the users' computer by a technique known as 'masquerading'. The most common attacks include phishing, spoofing, key-loggers and spy-wares with the aim of impersonating the user. Even if the authentication systems manage to protect communication channels with encryption methods and digital signatures, the information can directly be stolen from the user's Computer Terminal. To provide users with all round protection against all such attacks, we propose a user authentication system the components of which are a Computer Terminal and a JME enabled cellular phone using parallel network channel along with segmentation and clustering. An encryption algorithm is used that takes the random challenge from the web server received via SMS in the cellular phone and encrypts it using the seed value and the login password. Then, the cipher text is returned to the server via an SMS from the cellular phone which in turn verifies the authenticity of the user from the server.

Published in:

2009 First Asian Himalayas International Conference on Internet

Date of Conference:

3-5 Nov. 2009