MULTI-MODE DATA SECURITY FOR SECRET COMMUNICATION

Candida Paulette Alphonso, Maruska Mascarenhas

Abstract: Data Security in the current digitized era determines the ability of the system to protect, manage and distribute sensitive information. Privacy is the right of authorized users to ensure that confidential information maintained is being controlled and protected from unauthorized access or distribution. The major goals of data security are Confidentiality, Integrity, and Authentication. Text based passwords are the most common methods used for authentication. But these textual passwords are vulnerable to dictionary attacks, eves dropping and shoulder surfing. To address this problem, an approach for image based authentication has been proposed to authenticate a valid user with regards to enhancing the security of textual passwords which can be easily compromised. In this paper, algorithms for Image Cryptography, Image Steganography and Knowledge based Image CAPTCHA have been proposed to provide a one time communication. The image will be encrypted into two image shares at the server during password generation and the share returned to the client will be used as a token during authentication. At no time the entire password will be transmitted over the network or stored on any system during authentication. This hybrid multimode approach attempts to lessen the attacks towards password security thereby minimizing the risks of user impersonification and providing efficient means to transfer secret data using images. The proposed approach is well suited for private networks to transfer confidential messages without compromising the integrity of data.

Keywords: authentication; visual cryptography; password; steganography; CAPTCHA

DOI: https://doi.org/10.15623/ijret.2015.0418003