Multi Server Authentication System Based On Palm Vein Authentication and Secured OTP Using ECC

Authors

  • Yugapriya. R  Department of Information Technology, Dhanalakshmi College of Engineering, Chennai, Tamil Nadu, India
  • Vijayanandhini. E  Department of Information Technology, Dhanalakshmi College of Engineering, Chennai, Tamil Nadu, India
  • Seetha. J  Department of Information Technology, Dhanalakshmi College of Engineering, Chennai, Tamil Nadu, India

Keywords:

OTP-One time password, ECC-Elliptic curve cryptography, Palm vein, Biometric Authentication

Abstract

There is no proper security is implemented in online bank transaction even though lot of mobile user’s presence. These textual passwords are easily hacked by the attackers using Guessing attacks and Shoulder Surfing attacks. To provide data communication security while sending the (OTP) One Time Password form bank transaction to customer using Elliptic Curve Cryptography (ECC) technique. The bank transaction server generates OTP and encrypts the OTP with ECC. To generate private key, we take the palm vein of the user and generates its hash value. The hash value is private key of user. During the authentication process, server sends the encrypted OTP to user. Then the user decrypt the OTP based on giving its private key. The user will be registering their palm vein and can select 3 different web portals like face book, gmail and twitter. After successful verification of palm vein user can select any one of the above set sample web sites so that the corresponding web sites gets login without its password.

References

  1. Lucas Ballard, SenyKamara, and Michael K. Reiter. The practical subtleties of biometric key generation.
  2. E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Recommendation for key management part 1: General (revision 3). NIST Special Publication 800-57, pages 1–147, July 2012.
  3. Nandini C. and Shylaja B. Efficient cryptographic key generation from fingerprint using symmetric hash functions. Research and Reviews in Computer Science, International Journal of, 2(4), 2011.
  4. B. Chen and V. Chandran. Biometric based cryptographic key generation from faces. In Digital Image Computing Techniques and Applications, 9th Biennial Conference of the Australian Pattern Recognition Society on, pages 394–401, Dec 2007.
  5. W. Diffie and M.E. Hellman.New directions in cryptography. Information Theory, IEEE Transactions on, 22(6):644–654, Nov 1976.
  6. Yevgeniy Dodis, Leonid Reyzin, and Adam Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Christian Cachin and JanL. Camenisch, editors, Advances in Cryptology- EUROCRYPT 2004, volume 3027 of Lecture Notes in Computer Science, pages 523–540. Springer Berlin Heidelberg, 2004.
  7. HaoFeng and Chan Choong Wah. Private key generation from online handwritten signatures. Information Management & Computer Security, 10(4):159–164, 2002.
  8. S.P. Ganesan. An asymmetric authentication protocol for mobile devices using elliptic curve cryptography. In Advanced Computer Control (ICACC), 2010 2nd International Conference on, volume 4, pages 107– 109, March 2010.

International Journal of Scientific Research in Science and Technology

Downloads

Published

2016-04-30

Issue

Volume 2, Issue 2, March-April-2016

Section

Research Articles

License

Copyright (c) IJSRST

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Yugapriya. R, Vijayanandhini. E, Seetha. J, " Multi Server Authentication System Based On Palm Vein Authentication and Secured OTP Using ECC , International Journal of Scientific Research in Science and Technology(IJSRST), Online ISSN : 2395-602X, Print ISSN : 2395-6011, Volume 2, Issue 2, pp.163-165, March-April-2016.