Fortification of Transport Layer Security Protocol by using Password and Fingerprint as Identity Authentication Parameters

Abstract

Whenever there is communication between Client and Server over a public link and resources are to be accessed from remote systems, then proving an identity becomes quiet complex because there is need of proper access rights with authentication. Complete security at the transport layer starts with proof of authentication, majority organizations only use password for security but this research paper would include one more tier of security to the transport layer security protocol by using fingerprints for identity authentication. Bio Hashing with the help of Minutiae Points at the fingerprints would be used for mutual authentication. Complete comparative analysis of all the existing password authentication schemes on the basis of security requirements and attacks is done in this paper. Result is generated that which existing scheme could withstand security requirement of mutual authentication for using fingerprint as identity parameter along with password. Proof is generated that with mutual authentication intruders could not practice Phishing, IP or Server Spoofing, Smurf attack and DNS Poisoning etc. Research paper focuses on implementing Password and Fingerprints for mutual authentication in Multi Server environment which will generate an Ideal Password Authentication Scheme and will result in fortification of Transport Layer Security Protocol. General Terms Ideal Password Authentication Scheme, Multi Server Environment