Most practical authentication systems today, notably SSL, make use of both symmetric and asymmetric cryptosystems to provide secure communication over the Internet. Although SSL is regarded as secure, it is still susceptible to certain attacks such as brute force, especially when a short key length is used and given the rapid technological advances in distributed computing capability. Dependence on a single encryption algorithm makes it possible to use brute force to search the entire key space exhaustively for the key, especially when the plaintext contains “meaningful” data. This paper presents a novel authentication module, the Random Symmetric Authentication Module (RSAM), which makes use of a wide range of simple encryption algorithms and different keys for each encryption to make it insurmountably difficult for an attacker to use a ciphertext-only attack to steal any private information. Each encryption process is unique and bears no relation to the adjacent encryption, which ensures that no similar recognizable pattern can be detected. JavaCard is used to enhance the security of the authentication session.
Published in: TENCON 2000. Proceedings (Volume: 3)
Date of Conference: 2000