Abstract
Powerful cryptographic systems based on mathematically hard problems are utilized to ensure tighter security for data communication purposes. However, these traditional cryptographic systems are bound to fail in the ensuing era of quantum computing. Thus, Artificial Intelligence (AI) inspired security methods are needed to secure communications in the era of quantum computing. This article presents a challenge-response password-based authentication system based on the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) AI hard problem. In this system, a server sends a challenge text to a client, then the client generates a random image and blends the challenge text inside this random image using his password. Then the client sends the generated image to the server. The server extracts the challenge text from the sent image using his copy of the client's password. If the extracted challenge text is the same as the sent challenge text, then both the client's and the server's copies of the password match and the client is authenticated. The efficiency of the proposed system is analyzed and the outcomes prove that the proposed system is efficient in terms of time and space. Also, a security investigation of the proposed system is employed, and the results prove that the system is probabilistic and very sensitive to changes in its parameters. It does not leak any statistical information about the client's password and the generated images cannot be distinguished from random images. In addition, the security of the proposed system is analyzed against two possible attacks; the brute force attack and the replay attack and the results prove that the proposed system is immune to these attacks. Finally, the proposed system is ensured to be indistinguishably secure against an adaptive chosen-challenge text attack (IND-ACCTA), based on the CAPTCHA AI hard problem when the hash function H is modeled as a random oracle.
Highlights
The World is witnessing a new era of computing revolution
It is concluded that the generated images are indistinguishable from random images and there is no statistical information leaked about the client’s password
The proposed system is indistinguishably secure against an adaptive chosen-challenge text attack (IND-ACCTA) based on the CAPTCHA Artificial Intelligence (AI) hard problem when the hash function H is modeled as a random oracle [23]
Summary
The World is witnessing a new era of computing revolution. This revolution comes in the form of quantum computing. One of the most used password-based authentication systems is the Challenge Response Authentication Mechanism (CRAM) [6] In these systems, the client requests to access a service (Ex. Email) from a service provider (Ex. Google). The main aim of this article is to propose a salted challenge-response password-based authentication system based on the CAPTCHA AI hard problem. The idea behind the proposed system is the same as CAPTCHA That is, it is a VOLUME 8, 2020 hard problem for a bot to recognize a twisted text in an image. Instead of sending the challenge text in a way that is easy for humans but prohibitively difficult for bots as in CAPTCHA, the proposed system blends the challenge text and scatters it inside a random image using the client’s password.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
