Abstract

Password authentication is a mechanism used to authenticate user identity over an insecure communication channel. In this paper, a new method to improve the security of password authentication is proposed. It is based on the compression capability of fractal image coding to provide an authorized user with secure access to the registration and login process. In the proposed scheme, a hashed password string is generated and encrypted, then captured together with the user identity using a text-to-image mechanism. Fractal image coding is then used to send the compressed image data securely through a nonsecured communication channel to the server. The verification of client information against the database system is performed in the server to authenticate the legal user. The encrypted hashed password in the decoded fractal image is recognized using optical character recognition. The authentication process is performed after a successful verification of the client identity by comparing the decrypted hashed password with the one stored in the database system. The system is analyzed and discussed from the attacker’s viewpoint. A security comparison is performed to show that the proposed scheme provides an essential security requirement, while its efficiency makes it easy to apply alone or in hybrid with other security methods. Computer simulation and statistical analysis are presented.

1. Introduction

Passwords have been present in information technology since the earliest days before the age of the PC. Using consumer password recovery software, an eight-character password can be cracked in under an hour. More experienced hackers can crack a 14-character password, including alphanumeric and special characters, by using rainbow tables and some free tools in less than three minutes. So adding numeric and other characters does not mean adding some level of protection, but it may increase the time needed [1].

In a client/server system scenario, password-based authentication schemes play a crucial role in identifying the validity of a remote user, to maintain the user’s information and make unauthorized access to restricted resources more difficult. The first remote authentication scheme was introduced in 1981 by Lamport [2]. He proposed a password authentication scheme based on password tables to authenticate a legitimate user over an insecure channel. Since then, many password-based authentication schemes have been proposed and analyzed to improve security, efficiency, or cost [3–7]. Traditional alphanumeric passwords are widely used for authentication. In these schemes, the security of the remote user authentication is based on the password only. Simple passwords can be easily obtained by an attacker given enough attempts and time. There is always a threat due to the availability of simple, rapid, and perfect duplication and distribution means using simple dictionary attacks. Given the explosive growth of the internet and the exponential increase in computer performance that facilitated the exchange of multimedia information, there is a necessity to invent new protection mechanisms to maintain user information. Many emerging methods have been designed to solve this problem. Some of them are biometric-based remote user authentication schemes, which are considered secure and reliable compared to traditional ones but are more costly and require specialized hardware, such as those proposed by Lee et al. [8]. Others are based on one-time passwords using smart cards, for example those proposed by Hwang and Li [4] in 2000, and many others. Wang et al. [9] applied an FIC scheme to refine characteristic values of a specific image and embed them into the LSB of pixels in the image. The system has the ability to detect and restore tampered images through the decoding process of the FIC. In 2007, E. J. Yoon and K. Y. Yoon [10] proposed an efficient chaotic hash based fingerprint biometric remote user authentication scheme on mobile devices. In 2011, Motýl and Jašek [11] proposed an advanced user authentication process based on the principles of fractal geometry. The system is based on polynomial fractal sets, specifically the Mandelbrot set. The system meets all the conditions for the construction of hash functions.

In this paper we propose a new password authentication scheme based on fractal image coding scheme. Its properties are addressed and its security is analyzed and compared to some of the aforementioned methods by Lamport [2], Hwang and Li [4], and Lee et al. [8].

Fractal theory is a new discipline that offers a new method to research self-similar objects and irregular phenomena. It has been an active branch of nonlinear science since the 1970s. Fractals have proven to be suitable in many fields and particularly interesting in various applications of image processing. Some phenomena which cannot be explained with Euclidean geometry can be interpreted with fractal geometry. Fractal theory and its methodology provide people with a new view and new ideas to know the world, and they bring our way of thinking into the nonlinear stage. The first important advances are due to Barnsley et al. [12, 13], who introduced for the first time the term “Iterated Function Systems (IFSs)” based on the self-similarity of fractal sets. Barnsley's work assumes that many objects can be closely approximated by self-similar objects that might be generated by use of simple IFS transformations. From this assumption, the IFS can be seen as a relationship between the whole image and its parts, the main problem being how to find these transformations (the IFSs) [14]. There is, in fact, a version of the IFS theory, the Local Iterated Function Systems theory, that minimizes the problem by stating that the image parts do not need to resemble the whole image; it is sufficient for them to be similar to some other bigger parts in it. It was Jacquin [15] who developed an algorithm to automate the way to find a set of transformations, providing good quality in the decoded images.

The paper is organized as follows: the theoretical concepts of fractal image coding are explained in Section 2, while a brief explanation of the methodology is provided in Section 3. The core of this paper is Section 4, which discusses the algorithm. In Section 5, the experimental results are described. Section 6 analyzes the security and evaluates the efficiency of the proposed scheme, while a security comparison between the proposed scheme and other password authentication schemes is presented in Section 7, followed by a brief conclusion in Section 8.

2. The Fractal Theory

With the exponential development in the field of multimedia systems, storing images in less memory leads to a direct reduction in storage cost and to faster data transmission. Fractal image coding is a mathematical process used to encode bitmaps containing a real-world image as a set of mathematical data that describes the fractal properties of the image. Most data contain some amount of redundancy, which can be removed from storage and replaced for recovery [16]. Fractal image coding evolved from this reality and from Barnsley’s assumption that many objects can be closely approximated by self-similar objects which might be generated by use of IFS, where the IFS can be seen as a transformation between the whole and its parts. Hence, the main problem that arises is how to find these IFS transformations. It was Jacquin [15] who solved this problem by developing an algorithm to automate the way to find these transformations, based on the fact that different parts of the image at different scales are similar and on the assumption that the image parts do not need to resemble the whole image; it is sufficient for them to be similar to some other bigger parts in it. Using these advantages, FIC became an inspiration for several techniques whose main characteristic is the use of the similarity property in image blocks [17].

2.1. Mathematics for Fractal Image Coding

The main idea of a fractal image coder is to determine a set of contractive IFS transformations that approximate each block of the image in order to generate the whole image. Some background in fractal theory needed to understand IFS and FIC is given as follows. A more detailed review of the topics can be found in [18–20].

Definition 2.1. Given a metric space (), the space of all nonempty compact subset of is called the Hausdorff space . The Hausdorff distance is defined on by

Definition 2.2. For any two metric spaces () and (), a transformation is said to be a contraction if and only if there exists a real number , , such that , for any , where is the contractivity factor for .

Theorem 2.3 (Fundamental Theorem of Iterated Function Systems). For any IFS there exists a unique nonempty compact set the invariant attractor of the IFS, such that .
Another important property (Theorem 2.4) of contractive transformations of a complete metric space within itself is known as the contraction mapping theorem.

Theorem 2.4. Let be a contraction on a complete metric space (). Then, there exists a unique point such that . Furthermore, for any , we have , where denotes the n-fold composition of .

Definition 2.5. Any affine transformation of the plane has the following form: By considering a metric space and a finite set of contractive transformation , with respective contractivity factors , we proceed to define a transformation , where is the collection of nonempty, compact subsets of , by

It is easily shown that is a contraction, with contractivity factor . The mapping is usually referred to as Hutchinson operator. It follows from the contraction mapping theorem that, if () is complete, has a unique fixed point , satisfying the remarkable self-covering condition:

However, given a set , how can one find a contractive transformation such that its attractor is close to ? To answer this question we have to apply the Collage Theorem.

Theorem 2.6. For a set and a contraction with attractor : where h is the Hausdorff Distance.

That is to say, and are sufficiently close, if and are made close enough in terms of , and combe the following two expressions: where, which implies can be partitioned as: and can be closely approximated by applying a contractive affine transformation on the whole , where, .

2.2. Fractal Image Coding

The goal of FIC is to be able to store an image as a set of IFS transformation instead of storing individual pixel data. We use a type of transformation called Partition Iterated Function System (PIFS), because we work on a section of the image instead of the whole image. The process of encoding the image requires us to find a collection of contractive maps with and as the fixed point (or attractor) of the map . The fixed-point equation suggests that we partition into pieces to which we apply the transforms to get back the original image [21]. Let the metric space of a digital image be set by the pair (, rms), where rms is the root mean square metric instead of the Hausdorff metric discussed above to compress the image . It is necessary to find , such that rms. This metric space is determined by partitioning the original image into a set of nonoverlapping range blocks that cover and a set of overlapping domain block that has twice the side of the range blocks and must intersect . The aim of FIC is to enable the collage theorem find the set of IFS transformation for the image whose attractor looks like . This theorem allows also for the scaling factor in addition to rotations and reflections.

The question now, is how do we map domains to ranges? To find the corresponding domain block for each range block, we have to test all the domain blocks. After we find the optimized domain that minimize the rms distance, the coordinate of domain pixels will be recorded in the compressed file. The illustration of “Domain” and “Range” can be shown in Figure 1.

Every pixel in the blocks is represented as a point with the coordinates , where and represent the standard geometric position of . The gray level of is represented by the -coordinate. To include the gray scale value, a 3-dimensional matrix is used. The transformations are specified by where , and f represent the scaling, rotation, reflection, and translation parameters, and the gray scale is controlled by , where is the contrast and is the brightness. The distance that we need to minimize is the distance between the gray scale levels. and can be computed using the least squares regression: The minimum of occurs when the partial derivatives with respect to and are zero, which result in

The rms difference is calculated using Each range block is compared to all possible transformed domain blocks by calculating to choose the one that minimizes .

The decoding process is much simpler and (starting with an initial image —usually a uniform grey or white image) can be achieved by iterating through the collection of maps. On the first iteration, , and on the second iteration, , and so forth. This process can be repeated until the attractor resembles the original image.
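The encoding search and the iterative decoding described in this section can be seen end to end in the following added example, which is not the paper's Java implementation. It assumes a constructed 16x16 grey image, 4x4 range blocks, 8x8 domain blocks and no rotations or reflections; the names s (contrast), o (brightness) and S_MAX are this example's own.

```python
# Added example, not the paper's Java code: a minimal PIFS coder/decoder.
# Assumptions (mine): 16x16 grey image, 4x4 range blocks, 8x8 domain blocks on
# a 4-pixel grid, no rotations/reflections, contrast clamped to |s| <= S_MAX.
import math

R = 4          # range block side
D = 2 * R      # domain block side: twice the range side
S_MAX = 0.75   # contrast clamp, keeps every block map contractive


def make_image(n=16):
    """Constructed sample: bright rectangle on a shaded background."""
    img = [[40.0 + 3 * x + 2 * y for x in range(n)] for y in range(n)]
    for y in range(5, 11):
        for x in range(3, 13):
            img[y][x] = 220.0
    return img


def shrink(img, dx, dy):
    """Average 2x2 pixel groups of the domain block at (dx, dy): D*D -> R*R."""
    return [(img[dy + 2 * j][dx + 2 * i] + img[dy + 2 * j][dx + 2 * i + 1]
             + img[dy + 2 * j + 1][dx + 2 * i]
             + img[dy + 2 * j + 1][dx + 2 * i + 1]) / 4.0
            for j in range(R) for i in range(R)]


def fit(dom, rng):
    """Least-squares contrast s and brightness o for rng ~ s*dom + o, plus rms."""
    n = len(dom)
    sd, sr = sum(dom), sum(rng)
    den = n * sum(d * d for d in dom) - sd * sd
    num = n * sum(d * r for d, r in zip(dom, rng)) - sd * sr
    s = 0.0 if den == 0 else max(-S_MAX, min(S_MAX, num / den))
    o = (sr - s * sd) / n
    err = math.sqrt(sum((s * d + o - r) ** 2 for d, r in zip(dom, rng)) / n)
    return s, o, err


def encode(img):
    """Return one code (rx, ry, dx, dy, s, o) per range block."""
    n = len(img)
    domains = [(dx, dy, shrink(img, dx, dy))
               for dy in range(0, n - D + 1, R)
               for dx in range(0, n - D + 1, R)]
    codes = []
    for ry in range(0, n, R):
        for rx in range(0, n, R):
            rng = [img[ry + j][rx + i] for j in range(R) for i in range(R)]
            best = None
            for dx, dy, dom in domains:      # exhaustive domain search
                s, o, err = fit(dom, rng)
                if best is None or err < best[0]:
                    best = (err, dx, dy, s, o)
            codes.append((rx, ry) + best[1:])
    return codes


def apply_maps(codes, img):
    """One application of the whole set of block maps to img."""
    n = len(img)
    out = [[0.0] * n for _ in range(n)]
    for rx, ry, dx, dy, s, o in codes:
        dom = shrink(img, dx, dy)
        for j in range(R):
            for i in range(R):
                out[ry + j][rx + i] = s * dom[j * R + i] + o
    return out


def decode(codes, n=16, start=128.0, iterations=40):
    """Iterate the maps from a uniform image; needs only the codes, no key."""
    img = [[start] * n for _ in range(n)]
    for _ in range(iterations):
        img = apply_maps(codes, img)
    return img


def max_diff(a, b):
    """Largest absolute pixel difference between two images."""
    return max(abs(p - q) for ra, rb in zip(a, b) for p, q in zip(ra, rb))


if __name__ == "__main__":
    original = make_image()
    codes = encode(original)
    collage = max_diff(original, apply_maps(codes, original))
    from_black = decode(codes, start=0.0)
    from_white = decode(codes, start=255.0)
    print("codes:", len(codes))
    print("start-image dependence:", max_diff(from_black, from_white))
    print("decode error:", max_diff(original, from_black))
    print("collage bound:", collage / (1 - S_MAX))
```

Decoding from a black and from a white start image reaches the same attractor, as the contraction mapping theorem states, and the decode error stays within the collage bound. Because decode() takes nothing but the codes, anyone who captures them can rebuild the image, so confidentiality in the scheme rests on the encryption step rather than on the coding.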

3. Material and Methods

A message authentication code is a method by which two parties who share a common secret key can exchange messages in an authenticated manner; namely, they can detect modifications or fabrications by an unauthorized third party. The shared common key between the two parties is usually chosen uniformly at random from the set of all possible keys [22].

3.1. Diffie–Hellman

Diffie–Hellman (DH) is a key-agreement algorithm invented by Diffie and Hellman [23], involving exponentiation modulo a large prime number. It can be used for key exchange to generate a secret key, but it cannot be used to encrypt and decrypt messages. The difficulty in breaking DH is generally considered to be equal to the difficulty in computing a discrete logarithm modulo a large prime number. This is summarized as follows, for the given and , which are both publicly available numbers. Users pick private values and and compute public values mod mod . These public values are then exchanged. Compute shared private key, mod , mod . algebraically, it can be easily shown that , which is a secret key that both parties computed independently [18].

3.2. Hash Function

A hash function is a public function that maps a message of any length into a fixed-length hash value, which serves as an authenticator. It is a four-tuple , where the following conditions are satisfied [24].
(1) is a set of possible messages.
(2) is a finite set of possible message digests or authentication tags.
(3), the key space, is a finite set of possible keys.
(4) For each , there exists a hash function , such that .
  (i) It is very simple to find ., but it should be computationally infeasible to find given . This is the “one-way” property.
  (ii) For any given block , it should be computationally infeasible to find with . This is called a non-collision property.
  (iii) It should be computationally infeasible to find any pair () such that .
  (iv) Finally, the output of the hash function must be random. This property is called random oracle.
Hash functions are used in many areas of information systems (e.g., password identification, integrity control, database comparing, etc.). Through the hash function, a small amount of data can be obtained from a large amount of data.

3.3. Optical Character Recognition

Optical Character Recognition (OCR) is a software designed to electronically identify and translate printed or handwritten characters by means of an optical scanner. OCR is composed of three elements: scanning, recognition, and reading text. The OCR software scans and determines whether it is identifying images or text. Then, the machine determines letters and words by recognizing their shape by repetitions or patterns of familiar forms as in the following example [25].

My invention relates to statistical machines of the type in which successive comparisons are made between a character and a charac-.

4. The Proposed Authentication Scheme

In this paper, a personal identification scheme based on the advantages of fractal image coding is described. The system works on the binary image of the encrypted hash function for the individual information. In an authentication process, the information of the individual is compared with the information of every individual stored in the database. When the matching factor crosses the determined threshold, the system verifies the individual as an authentic user. Some of the notations used throughout this paper are described as follows:
C: the client.
S: the server.
A: the attacker.
ID, PW: the client user name and password, respectively.
: the shared key using Diffie-Hellman key exchange protocol.
HS: the hash function to be stored in the database.
: the encrypted hash function using a non-linear equation.
IM: image created using any text-to-image converter software.
: the set of the coefficients of the IFS transformation , constructed using the fractal image coding scheme.
IM1: the decoded image that is generated using the fractal image decoding scheme, which looks like IM.
: the decrypted hash using the inverse nonlinear function.

4.1. The Proposed Method

Let us assume that the server generates a shared secure key between the client and the server using DH protocol. If the client wants to register with the server, the user name and the password should be first submitted to the server database through a secure channel.

The proposed scheme consists of three parts: registration, login, and authentication, which are described in detail as follows. The server and the client will share a secure key using the DH protocol.

4.1.1. Registration and Login

(1) In Client
  (a) Enter the user name and the password (ID, PW).
  (b) C sends to S the current request (login, registration, and change password).
  (c) C calculates the PW hashing value HS(PW).
  (d) The hash function HS is encrypted using nonlinear function to give (HS, ).
  (e) The ID and Y are captured in IM using a text to image converter.
  (f) Calculate , the matrix of the IFS transformation constructed from IM using fractal image coding scheme.
  (g) is sent to S.
(2) In Server
  (a) Decode to find the attractor IM1 using fractal image decoding.
  (b) Use OCR program to read the data in IM1 and determine ID, and the encrypted .
  (c) Use inverse function to decrypt and find
  (d) For each request status (registration, login, and change password), S is authenticated as follows.

4.1.2. Authentication

(1) Registration
  (i) S searches the database for ID.
  (ii) If ID not found then return (User Name existed). Else store ID and in database and return (Successful Registration).
(2) Log in
  (i) S searches the database for ID.
  (ii) If ID not found then return (Wrong user name or password). Else compare the received with stored one as follows.
(3) Change Password
  (i) S searches the database for ID.
  (ii) If ID not found return (User Name is not available). Else update the value in database and return (change password succeeds).

4.2. Software Implementation

The algorithm and its graphical user interface (Figure 2) are implemented in Java under NetBeans IDE 7. All the results have been obtained using a computer with a 2.4 GHz Intel Core i3 CPU and 4 GB RAM.

Example 4.1. This is an illustration example for the scanned image (IM) using text to image mechanism in Figure 3(a), and the approximate image (IM1) using fractal image coding Figure 3(b).

5. Experimental Results

Table 1 and Figure 4 show the performance evaluation of the proposed scheme in terms of performance time and captured image size against the key size. We conclude that the registration and login time is directly proportional to the key size, while the authentication time depends on the number of users registered in the server. The proposed password authentication is a novel fractal-based scheme which provides secure transmission of the credential message over an insecure communication channel. The registration and login phase on the client side performs four steps: the password is hashed, encrypted, captured as an IM image, and then transformed to IFS codes using the FIC scheme. On the server side it performs three steps: generating the IM1 attractor using FID, reading the data using OCR, and finally decrypting these data to find the hash function, to be used with the ID either for authentication or for registration, depending on the request case.

The program is designed to present error messages for certain cases as follows.
(i) The user enters a wrong user name or password.
(ii) The user tries to register using an ID which has been used before.
(iii) The algorithm is vulnerable to some attacks that try to change the data.
(iv) The OCR program resulted in a wrong reading.
All these error cases can be expressed in the program by “wrong user name or password,” or “the user is already exist.”

The times in Table 1 are listed in milliseconds (ms). The results show the time needed in each phase for different key sizes.

6. Security Analysis

If we assume that an attacker A has total control over the communication channel between C and S, this would mean that he can insert, delete, or change any message in the channel. The first step in the proposed system is the registration process. If the attacker masquerades as C and tries to change the ID or the PW and registers in the database using the wrong ID and PW, this does not give any advantage due to the lack of information in the stolen page at this stage. Therefore, the attacking process in this part is not feasible and the authorized user will have to reregister. We conclude that the main goal of the attacker is to get the PW. Any attempt to change the ID will do nothing. If the attacker is skilled enough to recover the original image, using fractal image decoding, he will get an encrypted hash with a nonlinear function for two variables , where is DH key exchange and is one way hash function of the user password, which is infeasible to be solved with exact values. The use of the secure shared DH key, which is based on the difficulty of the discrete logarithm problem and is computationally infeasible (unsolvable in polynomial time) to break for a large prime number, has a significant impact on increasing the security of the proposed scheme against many types of attacks over an insecure network.

The security analysis for the proposed scheme is discussed in detail to show that the scheme withstands most of the following known attacking methods.

Password Guessing Attacks
Most passwords are vulnerable to this attack. When the ID of the client is known, the attacker tries to guess the password and verify the correctness of his guess. There are two ways to mount this kind of attack. In the first, the attacker guesses a password PW’ from a dictionary and logs in using the known ID to verify the correctness of his guess; he stops when . In our scheme this is almost impossible, because the server will block the account after ten wrong login tries. In the second, an attacker who is knowledgeable enough can intercept from the open network to decode and find IM1 using fractal image decoding (FID). Eve can use open OCR to read the data in IM1 and determine the ID and encrypted . Then, he should decrypt and find the Hash that should be used to guess PW; he stops when . However, it is not easy for Eve to use the inverse function to decrypt and find Hash, because is encrypted using two variables and . Finding these two values depends on solving the nonlinear function numerically to recover the unknowns approximately, and that will involve truncation and cumulative errors. Regarding the value , it is a secure value for a large key size, and it is known only to the client and the server. In addition, it is not repeated between logins (i.e., a different key is generated with each login). The second value, HS, is also not easy to find, due to the property that it should be computationally infeasible to find with . Therefore, even if the attacker can find the hash, it is infeasible to find PW from the HS, and he will not be able to use this HS for authentication, because the server is designed to receive an encrypted hash, not a clear hash; this value is decrypted to result in an unknown value. From the above we conclude that the proposed scheme is secure against the password guessing attack.

Replay Attack
It is an attack in which an adversary impersonates another legal user through the reuse of information obtained in a protocol. In password authentication scheme, it is concerned with the case of attempts of an unauthorized user to impersonate an authorized one, by replaying the invalid message that is previously intercepted to the server. In our proposed method let us see Figure 5 for more details.

In this example, we showed that, for the same user in three different login attempts, a different message has been generated. This means that for the same user the login message is not repeatable, and it is infeasible to find two similar messages for any login session. If the attacker Eve intercepts the captured message from the login session and tries to resend it to the server, the server will not authenticate the replayed message, because the key is changed in each login session. For this reason the proposed scheme is secure against the replay attack.

Denial of Service Attacks
In this attack, false verification information can be updated (applied) by the attacker more than ten times, and as a result, the legal user will be blocked and will not be able to log in successfully anymore. The most vulnerable procedure is the password changing phase. In our scheme this phase is performed on the client side, while the server should authenticate the user with the security question using the proposed secure scheme before starting the change password process; that is, it will help to enhance the security of password changing. The attacker is not able to modify data on storage, because only the authorized user is able to change the password. This is due to the security question that is agreed in advance between the legal user and the server, as well as the difficulty of knowing the encrypted key.

Stolen Verifier Attack
One of the common features of password authentication schemes is the secure storage of the verification table in the server. If this table is stolen by the adversary, the system will be partially or totally broken. In the proposed scheme, the password is stored in the verification table as a hashed value. Any attempt from the attacker to steal these data will do nothing, because these data are not stored explicitly. The strategy in the server is designed to receive an encrypted hash, not an explicit hash; as a result it will end with decrypting this information to an unknown value, and this will cause failure in the authentication process. So our scheme is secure against this attack.

Man in the Middle Attack
The proposed scheme is invulnerable to this attack. In it, an adversary intercepts the message to prevent it from being transmitted to the server, and this message is used later by the adversary to impersonate the user to the server. The server will not authenticate him, because if the user tries to reuse the information he will need time to steal the information and create IM1 using FID, use OCR to read this information, recreate a new image IM2, and then convert it to T1 (IFS codes). In this case, the time needed is very long and more than enough for the server to consider the current login session as expired. Hence, the attacker would have to start a new login session, which is impossible due to the lack of information that he has.

7. Security Comparison

Password authentication schemes are the simplest and most convenient schemes that provide the legal user with secure use of the server resources. The first scheme was suggested by Lamport [2]. It is a hash-based password authentication scheme. Researchers later proved that this scheme is vulnerable to some attacks; in addition, it uses high hash computation and has a password resetting problem. To overcome these drawbacks, Peyravian and Zunic [26] proposed a scheme that employs only a hash function, which is simple and straightforward for applications. Later on, some researchers showed that this scheme is vulnerable to guessing attack, denial of service (DoS) attack, stolen verifier attack, and many others. They tried to make some improvements to eliminate the weaknesses in this scheme, but to no avail. One of the common features of these schemes is the use of the verification table, which should be securely stored in the server. To overcome the drawbacks in these types of methods, password authentication mechanisms moved toward schemes based on smart cards. The aim is to provide mutual authentication over an insecure network, where the authentication is performed easily using a memorable password and without using a verification table.

The first novel user authentication scheme using smart card was proposed in 2000 by Hwang and Li [4]. Later on, many researchers proposed several smart card based scheme, where each of them has its pros and cons. Some of these studies made improvements on Hwang scheme; however, most of them are still vulnerable to replay attack, reflection attack, DoS attack, guessing attack, parallel session attack, and many others. In addition, the existing smart card-based scheme is vulnerable to stolen/lost smartcard attack. Therefore, if any adversary steals a smartcard of a legitimate user, he can use it to impersonate as a legal client.

Since computing resources have grown hugely, there is always growing demands for emerging methods to enhance the security of password authentication protocols to be able to meet security requirement of modern application. Authenticated method based on physiological (biometric) features is considered a good alternative upon physical (smartcard) or knowledge (ID systems) authentication schemes. This is due to reliability (cannot be lost, forgotten, or guessed), in addition to its ease of use (there is nothing to be remembered or carried). These methods are based on distinguishing human features, the most common used biometric features are face, fingerprint, iris, voice, and palm print, and so forth. Authentication schemes based on fingerprint are given more attention than any other. Many Biometric-based password authentication scheme have been proposed. In 2002, Lee et al. [8] proposed a remote user authentication scheme using fingerprint and smartcards. Unfortunately, some researchers later on, showed that this scheme is vulnerable to some attacks even with the improvement that achieved. These methods are more costly and require specialized hardware.

However, in this paper, we proposed a novel password authentication scheme based on IFS theory. It enables us to represent an image in a compact way by means of a limited number of affine transformations. The proposed scheme is analyzed in details to show that it is invulnerable to many attacks, which can give us high security and few drawbacks. A security comparison of the proposed scheme with the Lamport [2], Hwang and Li [4], and Lee et al. [8] scheme from the attacker point of view is performed and summarized in Table 2. The proposed scheme is relatively more secure and less costly than the other schemes.

8. Conclusions and Future Works

A password authentication system based on the advantage of fractal image coding is proposed. The system works on the captured binary image of the client information (ID, PW). After the password is hashed and encrypted, it is coded using the FIC scheme and sent to the server instead of the image itself. The successful matching is performed at the server to verify the client user after the ID is recognized, and the hash is decrypted to be verified against the saved hash in the database system. The security strength of the scheme relies on the security of the hash function and of the DH protocol that is used as a key exchange in encryption and decryption of HS(PW), in addition to the complexity of the FIC scheme. We conclude that the proposed scheme is a nontraditional password authentication scheme that is flexible to improvement, in addition to many other attributes, such as the following.
(i) The user cannot freely change the password without connecting to the server (i.e., only the authorized user is able to change the password), because of the security question that is agreed in advance between the legal user and the server, as well as the difficulty of knowing the encrypted key.
(ii) The scheme has a facility to deny access to or block any unauthorized user who tries to use a wrong password for more than ten trials.
(iii) The scheme is secure against guessing, replay, denial of service, stolen-verifier, parallel session, and many other attacks.
(iv) The use of FIC offers an advantage to increase the security because of the use of the fractal codes instead of the original image.
(v) The server closes the session whenever it takes more than the usual time and will request a new session.

All of these points are considered advantages, whereas there are also some disadvantages of using this scheme: it is somewhat time consuming compared to some other schemes, due to the fractal image coding and decoding process, and the OCR system may, rarely, give an inaccurate reading. This is caused by using an inefficient OCR program, because the generated image is an approximate image, not an explicit image. The proposed scheme provides mutual authentication between the client and the server. It establishes a common session key that provides confidentiality.

For future work, the scheme can be improved to be more secure and invulnerable to many types of attacks, if the encryption process is performed for the IFS codes after applying FIC scheme instead of its current use for the hashed password. With these improvements both the ID and the PW will be hidden, not the password only as in the current case.

Acknowledgment

The researchers would like to acknowledge the Institute for Mathematical Research (INSPEM), University Putra Malaysia (UPM) for supporting this work.