Higher Security for Login System Using RSA and One-time Pad Schemes
Keywords:
Login System, RSA Scheme, One-time Pad (OPT), Security, Li Ming –Xin’s Method, Time,Abstract
The aim of this paper is to propose a new methodology to increase the security for Login System using RSA and One-time pad (OTP). In the past, the application of RSA with Login System focused on keeping the private key in the server. However, this approach has limitation, in which the overall system can be broken whenever the private key is recovered. Therefore, this paper proposes a different method where the RSA’s private key used for exchanging OTP’s key is kept at the client’s side, whilst the public key and modulus are kept in the database. Furthermore, as a preventive measure from the attackers, the OTP’s key is generated in the server. If it is created at the client’s side, the attackers can trap both the encrypted key and encrypted password from client. Accordingly, they can send both of them to the server without encrypting again and without knowing the password. In addition, the RSA’s process in the server is an encryption process only. That means it takes only a small computation cost for computing modular exponentiation because the public key is always small when compared with the private key. Assuming that the client’s private key is recovered, only the client system whose private key can be found will be broken, which implies that it does not affect to other clients. The experimental results show that although users must remember their private keys and consumes more time, the new proposed system is very strong and secure. Therefore, users who use this system can access the web application without worrying the attackers.Downloads
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)