An Encryption Key for Secure Authentication: The Dynamic Solution

In modern day technology, the Information Society is at risk. Passwords are a multi-user computer systems usual first line of defence against intrusion. A password may be textual with any combination of alphanumeric characters or biometric or 3-D. But no authentication protocol is fully secured against todays hackers as all of them are Static in type. Dynamic authentication protocol is still a theoretical concept. In this paper, we are focusing on a concept of authentication technique which is actually dynamic in genre, i.e. the password here will change in t time (where t is as small as possible). This technique comprises of both hardware and software part. In this paper, we have covered the idea of generating an e f fi cient algorithm that can work as the final in the Dynamic Password Authentication system. We have used standard deviation within statistics to generalize the possible password which is further secured by Feistel Block Cipher and Advanced Encryption Standard technique (AES), leading and following the said mathematics respectively. In order to allow the system to create variable password in the least time interval possible, we must make sure our process is not much complex.


Introduction
This paper is an extension of the research work named Secure Authentication with Dynamic Password presented in the IEEE IEMCON, , Vancouver, Canada, 2016. [1] When it is the matter with network security, we have to be updated always. As for example, today we simply cannot afford any security system that includes a dilapidated protocol (as for example Caesar Shift Cipher). Security protocols are used to protect several different medium using passwords, which supposed to be known only to the users of the system. Textual password authentication system is the most widely used protocol, though it is not much secure against Shoulder Surfing Attack, Brute Force Attack [2]. Smartcard concept, 3-d password concept are not totally protected either [3], [4]. Biometric system may be the most powerful authentication system ever, but it is much costly [2]. Dynamic password authentication system is the latest system that has come in the field. In this work we have discussed about the cryp-tographic way to generate the dynamic password for the authentication protocol described in the said conference. [1] The authentication protocol described in the conference is a combination of both the hardware and software. Here we are imagining a chip which will be used as the key to unlock different ids. According to the main work, we have taken a random textual password e.g. Password. The ASCII values of each letter acts as equivalence to mass where we have used Einstein's Theory on bending Space-Time Continuum because of Mass. Now we have placed the textual password (here Password) on 3-d box which is described by the X-Y-Z coordinates. [1] Later we have used the concept of the eye. The EYE (technically a sensor) is the only object inside the 3-D box.
The EYE will actually take a random position inside the 3-D box (i.e. the X, Y, Z coordinates of it will be selected randomly). Now the EYE will trace the endings of the shifted parts in the plane by joining them. If we manage to let the eye to change its position in t time (t is as small as possible), then during each time interval we will have a different path as shown. Since at a certain time, the received traced path is the key of the real password, by changing the position of the EYE, and hence by getting different traced path in each time interval t, we gain the dynamically changeable password.
In this paper we have tried to make an algorithm that will be able to convert the traced path (technically a geometric figure) to a combination of binary digits (0 and 1). This expression gained at a certain time will be the password at that time interval. We will try to add some cryptographic concept in the algorithm to make a final defence in the system. The mathematical idea used to convert the geometric figure an expression of standard deviation (in decimal) will be both followed by and lead two different cryptographic concepts the first one is general Feistel Block Cipher concept, [5], [6] and the later one is AES (Advanced Encryption Standard) algorithm.

Security with Feistel Block Cipher Model
We will move further assuming that the textual password chosen by the user was Password. Before going to the generation of the password from the traced path, we need to find the coordinate of the points of the path, which we will do in this process. We will follow the general Feistel Block Cipher concept, i.e. at first, we will divide the plaintext into 2 equal parts say L and R. The plaintext will be the ASCII representation of the textual password. Hence we have the plaintext ASCII representation of Password 8097115115119111114100. [5], [6] Now the string will be divided into 2 halves based on the length of it. If the length of the string is found even, the L, R will be of equal length. If the length of the string is found odd, the length of L will be 1 greater than that of R.
Here we have the length 22. Hence L will be 80971151151 and R will be 19111114100. Each digit in L and R are added and the results will be stored in R' and L' respectively. The addition of digits in L is 39 and the addition of digits in R is 20. Hence R' will store 39 and L' will store 20.
We will count (R' modulo 2) and (L' modulo 2). To find the axis of the traced path, we will follow a concept As for example if (L' modulo 2) is 1 and (R' modulo 2) is 1 then we will consider that the traced path will be in 3rdquadrant and proceed to the mathematics (hence 0 represents positive quadrant and 1 represents negative quadrant). The values of L' and R' will be the x-coordinate and z-coordinate of the initial point in the traced path respectively. should be mentioned that the graph, starting from a specific quadrant, may end in a different quadrant.
A case to be noted that in this concept we havent used Feistel Block Cipher completely. Here we havent used any key and there is no functioning it with L. Instead, we have changed both L and R to R' and L' respectively. The swapping of L and R to R' and L' is done only once instead of having several rounds.

Derivation of the Traced Path
Suppose there are n letters in the password. So, we have n corresponding extreme points in the x-z graph. Here, we connect each 2 consecutive extreme points to get one straight line. Thus, in total we get (n-1) of such straight lines, each having a definite equation f(z,x)=0. The equation of each straight line is provided by the system.
Our job is to find variance (similar to what is used in case of problems with large number of bodies) [7], and thus standard deviation for the distance of each part from x axis (z) for each of (n-1) Straight lines.

are the two extremities of a Straight lines where b > a. Here ρ(x)
is the probability density such that ρ(x)dx defines the probability of an individual being in the interval of (x,x+dx). Therefore, Performing the integrations, we can have σ 2 Now, standard deviation= σ Thus, we will have (n-1) no. of standard deviations for (n-1) of Straight lines.
Standard Deviation of those standard deviations is: So, probability of a random password, matching the real password be: For a 8 digit password, this probability is ∼ 6 × 10 −21

Final Security with AES Algorithm
This process is the final process in the whole system. Here we will use Advanced Encryption Standard (AES) to get the encrypted cipher text [8]. The cipher text will be the actual password in the dynamic password authentication system. Reasons behind selecting AES encryption for our process: (i) AES is one of the most efficient and strongest encryption systems.
(ii) Here we are not much concern of any decryption of the encrypted text (i.e. the password). Hence theres no necessity of choosing asymmetric encryption system like RSA. [9] (iii) Comparing Twofish encryption system and AES encryption system, Twofish slightly leads in terms of security. But AES is faster than Twofish. Since our system gets high security due to the changeable password, we will allow it to change in the minimum time interval possible. Hence we are choosing AES for our authentication system. [10] According to AES system, we will have a plaintext and key of 128 bits and there will be total 10 rounds-9 regular rounds and 1 final round.
We will get the plaintext from the standard deviation of the previous mathematics.
To get the key, the textual password (here Password) is converted to binary. To get a 128 bit (16 byte) key the textual password will have to be of 16 letters. If the textual password is less than 16 letters then there will be a repetition of letters until it reaches 16 letters. If there is more than 16 letters then there will be excise of letters from right to left until it reaches 16 letters. At the end there will be text to binary conversion.
As for example, for the textual password Password since there is 8 letters, after updating we have PasswordPassword. Hence the key will be: 01010000 01100001 01110011 01110011 01110111 01101111 01110010 01100100 01010000 01100001 01110011 01110011 01110111 01101111 01110010 01100100. Now we will move for AES algorithm. The algorithm our system will follow can be described in the figure: [11]  The cipher text we get after whole 10 rounds is the actual password of the system. It is to be noted that we havent done anything with decryption since we are not concerned with the decoding of password to original text.Since the password consists of 128 different characters each having 2 possibilities (0,1), the number of different possible passwords is 2 1 28.

Conclusion
In the main work we have already clarified that the concept is secured against most of the common security threats like Brute Force Attack, Timing Attack, Key Logger and Shoulder Surfing Attack. Moreover, it is shown that the Space and Time Complexity of the concept is less than some other common authentication techniques. The whole idea has been developed to make a secure yet simple concept, creating a user-friendly platform. The time interval t between two different traced paths will depend on the time required for the execution of the two encryption algorithms (Feistel Block Cipher and Advanced Encryption Standard technique), along with the completion of the standard deviation. Less is the t, greater is the possibility of having 2 different traced paths in a time interval T, hence greater is the security. The algorithms used in generating the binary password from the graphical traced path are recognised as some secure encryption techniques. Hence they can perform as the final defence as well. At the end we should mention that since we have worked with a completely theoretical concept, it should go through an experimental procedure to detect the flaws and disadvantages.