Litcius/Paper detail

H-Rotation: Secure Storage and Retrieval of Passphrases on the Authentication Process

Hamza Touil, Nabil El Akkad, Khalid Satori

2020International Journal of Safety and Security Engineering22 citationsDOIOpen Access PDF

Abstract

Passwords/passphrases can be either system generated or user-selected. A combination of both approaches is also possible—encryption created by the system and assigned to the user by the information system meeting the policy requirements. Policy rules can be designed to increase security and usability factors, such as information storage and retrieval. This paper proposes an algorithm dedicated to the security of passphrases in an online authentication, so the passphrase entered will be stored in a remote database. Through an SHA-3 hash function, the system must hash the pass phase. Before storage, the system must apply random rotations on the already generated HASH while eliminating any traceability performed on the different transactions performed. To prevent the hacker from using them recurrently if he wants to attack our database. Then the system must recover the real HASH and then the passphrase based on the data provided by the user in the form of codes.

Topics & Concepts

Hash functionComputer sciencePasswordComputer securityDatabaseAuthentication (law)Cryptographic hash functionEncryptionUsabilitySecure Hash AlgorithmMerkle treeOperating systemUser Authentication and Security SystemsSpam and Phishing DetectionCognitive Computing and Networks
H-Rotation: Secure Storage and Retrieval of Passphrases on the Authentication Process | Litcius