A Novel Message Integrity Code Based Authentication Protocol ChittiRameshkumar ,

advertisement

International Journal of Engineering Trends and Technology (IJETT) – Volume17 Number6–Nov2014

A Novel Message Integrity Code Based Authentication Protocol

ChittiRameshkumar

1

, RameshKumar behara

2

1 Final M.Tech Student, 2 Assistant Professor

1, 2 Dept of CSE, Sarada Institute of Science, Technology and Management (SISTAM), Srikakulam, Andhra Pradesh

Abstract: Now a day’s wireless local area network rapidly increase of mobile device and more efficient of link setup mechanism. For the rapidly increase of WLAN we are also

Makes a nearby state for that session amid execution, and produces neighborhood outputs by that gathering. This yield can be an amount (e.g. a session key) returned to the provide security of transferring data. For this purpose so many authentication protocol are proposed and one of the protocol is 802.11i. Through experiments we observe that the authentication delay of 802.11i is intolerable under some scenarios, and we point that the main reason resulting in such inefficiency is due to its design from the framework perspective which introduces too many messages. In this paper we are proposed protocol for generating low cast id based authentication protocol for authentication users and transferring data through network we are using message integrity code (MIC) protocol. By providing those approaches we can moreefficiency, simplicity and more security for the data transmission.

I. INTRODUCTION

Protocols, sessions and key –exchange mechanisms:

We consider a set of gatherings (probabilistic polynomial-time machines), which we normally indicate by P1; : ; Pn, interconnected by point-to-point connects over which messages can be traded. Protocols are accumulations of intelligent methodology, run simultaneously by these gatherings that detail a specific handling of approaching messages and the era of cordial messages. Protocols are at first activated at a gathering by an outside \call" and later by the entry of messages. Upon each of these occasions, and as indicated by the convention detail, the convention forms data and may create what does more transmit a message and/or hold up for the following message to arrive. We call these message-driven Protocols.

(We note the non-concurrent nature of Protocols characterized thusly which reflects the predominant manifestation of correspondence in today's systems.)

Protocols can trigger the start of sub-Protocols

(i.e. intelligent subroutines) or different Protocols, and a few duplicates of such Protocols may be at the same time run by each one gathering. We call each one duplicate of a convention run at a gathering a session. In fact, a session is an intuitive subroutine executed inside a gathering. Every session is distinguished by the gathering that runs it, the gatherings with which the session imparts and by a sessionidentifier.

These identifiers are utilized as a part of practice to tie transmitted messages to their relating sessions. Every summon of a convention (or session) at a given gathering calling system, or it can be the recording of a convention occasion, (for example, an effective or fizzled end). These nearby yields serve to speak to the \history" of a convention and are paramount to formalize security. At the point when a session closures its run we call it finish and accept that its nearby state is eradicated.

Protocols (as defined above) where the communication takes place between pairsof parties and which return, upon completion, a secret key called a session key. More specifically, the input to a ke protocol within each party Pi is of the form (Pi; Pj ; s; role), where

Pj is the identity of another party, s is a session id, and role can be either initiator or responder. A session within Pi and a session withinPj are called matching if their inputs are of the form (Pi; Pj ; s; initiator) and(Pj ; Pi; s; responder). The inputs are chosen by a \higher layer" protocol that\calls" the ke protocol. We require the calling protocol to make sure that the session id's of no two ke sessions in which the party participates are identical.

Furthermore, we leave it to the calling protocol to make sure that two parties that wish to exchange a key will activate matching sessions. Note that this may require some communication before the actual ke sessions are activated.1Upon activation, the partners Pi and Pj of two matching sessions exchange messages (the initiator goes

¯rst), and eventually generate local outputs that include the name of the partners of the session, the session identifier, and the value of the computed session key. A key establishment event is recorded only when the exchange is completed (this signals, in particular, that the exchanged key can be used by the protocol that called the ke session).

We note that a session can be completed at one partner but not necessarily at the other.

In our system we introduced message integrity code based protocol that maintains continuous authentication over network that allows multiple message transmission.

II. RELATED WORK

A wireless local area network (WLAN) is a wireless computer network that links two or more devices using a wireless distribution method (often spreadspectrum or OFDM radio) within a limited area such as a home, school, computer laboratory, or office building. This gives users the ability to move around within a local coverage area and still be connected to the network, and can provide a connection to the wider Internet. Most

ISSN: 2231-5381 http://www.ijettjournal.org

Page 251

International Journal of Engineering Trends and Technology (IJETT) – Volume17 Number6–Nov2014 modern WLANs are based on IEEE 802.11 standards, marketed under the Wi-Fi brand name.

Wireless LANs have become popular in the home due to ease of installation and use, and in commercial complexes offering wireless access to their customers; often for free. New York City, for instance, has begun a pilot program to provide city workers in all five boroughs of the city with wireless Internet access.[1]

A specially appointed system (not the same as a

Wifi Direct network[4]) is a system where stations convey just shared (P2p). There is no base and nobody offers authorization to talk. This is refined utilizing the

Independent Basic Service Set (IBSS).

A Wifi Direct system is an alternate kind of system where stations convey shared.

In a Wi-Fi P2p bunch, the gathering manager works as a right to gain entrance point and all different gadgets are customers. There are two principle strategies to make a gathering manager in the Wi-Fi Direct gathering. In one approach, the client sets up a P2p bunch holder physically. This technique is otherwise called Autonomous

Group Owner (self-ruling GO). In the second system, likewise called transaction based gathering creation, two gadgets contend focused around the gathering holder plan esteem. The gadget with higher goal quality turns into a gathering holder and the second gadget turns into a customer. Bunch manager plan worth can rely on upon whether the remote gadget performs a cross-association between a base WLAN administration and a P2p gathering, remaining power in the remote gadget, whether the remote gadget is as of now a gathering holder in an alternate gathering and/or a got signal quality of the first remote gadget.

A shared system permits remote gadgets to straightforwardly speak with one another. Remote gadgets inside scope of one another can find and convey specifically without including focal access focuses. This strategy is normally utilized by two machines with the goal that they can unite with one another to structure a system.

This can fundamentally happen in gadgets inside a shut reach.

In the event that a sign quality meter is utilized as a part of this circumstance, it may not read the quality precisely and can be deceiving, in light of the fact that it enrolls the quality of the strongest sign, which may be the closest machine.

Concealed hub issue: Devices An and C are both speaking with B, however are ignorant of one another

IEEE 802.11 characterizes the physical layer (PHY) and

MAC (Media Access Control) layers focused around

CSMA/CA (Carrier Sense Multiple Access with Collision

Avoidance). The 802.11 particular incorporates procurements intended to minimize impacts, on the grounds that two portable units might both be in scope of a typical access point, yet out of scope of one another.

III. PROPOSED SYSTEM

. IN recent years, wireless local area networks (WLAN) technology continues to gain increasing popularity for its good mobility, high bandwidth, and important flexibility.

The portable mobile equipment’s that support WLAN increase greatly, such as smart phones, tablet computers, and so on. By increasing of WLAN we can proposed the protocol for authentication and security of data. So that by providing simplicity, efficiency and more security we can proposed two protocols for authentication and secure transformation data. The following are over all description of proposed system.

Low cost id base authentication protocol:

The entire process of authentication can be divide into two parts which are responsible for authentication and provide forward security of id and k. The authentication process as follows.

1.

The user will generate random number and send to query request to backend server.

2.

User will calculate A

1,

A

2

and B send to backend server.

3.

According received information the backed sever will find out the given user authenticate or not in the following two ways.

I) The backend server will compute c=A

1

®

K and find two tuple of <ID,GI> which meets ID=A

2

–(GI ® r ® c) mod 2 l

-1 and check whether B

R

equal to received B

R.

If they are equal the backend server will find the he is authenticate user otherwise not authenticated.

ii) If the backend database does not fmd appropriate ID and GI, it updates K and ID as

K=H(K)

ID=H(ID)

Afterwards, it uses new K and ID to search appropriate GI met the same requirement. If it find such

GI, it computes B'=H(IDII(S®GIj)||(r ® c)) and checks whether B

R

' equals to B

R

received to determine this tag is authentic or not. If it is authentic, the backend database

ISSN: 2231-5381 http://www.ijettjournal.org

Page 252

International Journal of Engineering Trends and Technology (IJETT) – Volume17 Number6–Nov2014 sends B

L

computed using ID and K updated to the reader.

Otherwise, it halts this process.

Key Generation process:

After completion of authentication of users the backend server will generate shared key to all user. The generation of shared key can be done server with randomly. After generation shared key the backend server will send to all authenticated users.

MIC (Message Integrity code)Protocol:

The users will retrieve key from backend server and calculate bit sequence of key. If bit sequence is 0 the message data not protect, so that processing of security will reject otherwise the security process as follows.

Declaration of variables: unsigned char en1[32]= { 0xe2, 0x12, 0xa6, 0x8e, // the first group

0x9a, 0xf1, 0x2e, 0x3f,

0xe7, 0xca, 0xb1, 0x4e,

0x58, 0x83, 0x3a, 0xe4,

0x13, 0x23, 0x65, 0xae, // the second group

0x8e, 0xd4, 0x9d, 0x35,

0x90, 0x3a, 0x63, 0x8e,

0x2a, 0x14, 0x54, 0xa2}; unsigned char mm1[8]; // the encryption table unsigned char mic1_ch; unsigned char sit_1, sit_2; unsigned char mic1;

The security of data table en1 which contains 32 bytes. The

32 bytes can be divide into two groups. The data table length mm1 will create dynamically. The sit_1 a sequence number of first group and sit_2 sequence number of second group. The mic1_ch is start value of computing MIC and mic1 is message.

Encryption process:

The message encryption of process of given protocol as follows. void Encrypt(unsigned char * info, int *len)

{

// info1: message data;

// len1 : the length of message data sit_1 = 0; sit_2 = 0; while( sit_1+sit_2 == 0)

{ sit_1 = rand() % 16; //randomly generating number. sit_2 = rand() % 16; //randomly generating number.

} sit_2 +=16; for (inti = 0; i< 8; i++)

{ // to produce the encryption table

Mm1[i] = en1[(sit_1+ i) %32] ^ en1[(sit_2 + i) %32];

}

Mic1_ch =shared key; unsigned char info1_m[ MAXLENGTH]; for (i=0; i< *len1; i++)

{

Mic1_ch = mic1_ch ^ info1[i];

Info1_m[i] = info1[i] ^ mm1[i%8];

Mm1[i%8] = mm1[i%8] ^ en1[(sit_1 +8+ i) %32]

^ mic1_ch;

Mic1 +=info1_m[i] ^ en1[(sit_1+i)%32] ;

}

Info1[0] = (sit_1<<4) + sit_2 - 16; // the key bit sequence

Info1[1] = mic1; // the MIC for (i=0; i< *len; i++)

{

Info1[i+2] = info1_m[i];

}

*len1 += 2;

}

Decryption process :

Booldecrypt { unsigned char step1_mic; sit_1 = (info1[0]>>4) & 0x0f; sit_2 = (info1[0] & 0x0f) + 16; step_mic1 = info1[1]; mic1 = 0; for (inti = 0; i< 8; i++)

{

Mm1[i] = en1[(sit_1 + i) %32]^ en1[(sit_2 + i) %32];

}

Mic1_ch =shared key; for (i=0; i< *len1 -2 ; i++)

{

Mic1 +=info1[i+2] ^ en1[(sit_1+i)%32];

Info1[i] = info1[i+2] ^ mm1[i%8];

Mic1_ch = mic1_ch ^ info1[i];

Mm1[i%8] = mm1[i%8] ^ en1[(sit_1 +8+ i) %32]

ISSN: 2231-5381 http://www.ijettjournal.org

Page 253

International Journal of Engineering Trends and Technology (IJETT) – Volume17 Number6–Nov2014

Low cost id base authentication protocol

1

1

1

5

2

Consumer

1

6

3

Consumer

2

2

6

Backend server

5

5

1

5

2

Consumer3

6

MIC

Protocol

4

6

2

Consumer

4

1.Generate hash value

4. generate shared key

2.send hash value to backend server

5. send to all users

^ mic1_ch;

} if (mic1 != step1_mic) return false;

*len1 -= 2;

Info1[*len1] = 0; return true;

}

The encryption and decryption process can be done by any user in the group. If the decrypt function will retrieve true it will get message for without loss of data otherwise it will destroyed.

IV. CONCLUSION

The rapidly growth of wireless local area network will increase the mobile device and more efficient mechanism of link set up in the local area network. In the local area network of wireless we also provide the security of transferring data through network and also implement different type of protocols for provide secure

3. authentication of users

6. encryption and decryption of message

transformation data. By performing those functionalities we can implement two protocols i.e. authentication of users and encryption and decryption of data. In this paper we are used low cost id based authentication protocol for authentication of user. The encryption and decryption of transferring data through network we are using MIC protocol secure transferring data in the network. By implementing those concept we can provide more simplicity, efficiency and security of give system.

REFERENCES

1. D. Beaver, “Secure Multi-party Protocols and Zero-

Knowledge Proof SystemsTolerating a Faulty Minority”, J.

Cryptology (1991) 4: 75-122.

2. M. Bellare, R. Canetti and H. Krawczyk, “A modular approach to the designand analysis of authentication and key-exchange protocols”, 30th STOC, 1998.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 254

International Journal of Engineering Trends and Technology (IJETT) – Volume17 Number6–Nov2014

3. M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway,

“Relations Among Notionsof Security for Public-Key

Encryption Schemes”, Advances in Cryptology-

CRYPTO’98 Proceedings, Lecture Notes in Computer

Science Vol. 1462, H.Krawczyk, ed., Springer-Verlag,

1998, pp. 26–45.

4. M. Bellare, E. Petrank, C. Rackoff and P. Rogaway,

“Authenticated key exchangein the public key model,” manuscript 1995–96.

5. M. Bellare and P. Rogaway, “Entity authentication and key distribution”, Advancesin Cryptology, - CRYPTO’93,

Lecture Notes in Computer Science Vol.773, D. Stinson ed, Springer-Verlag, 1994, pp. 232-249.

6. M. Bellare and P. Rogaway, “Provably secure session key distribution– the threeparty case,” Annual Symposium on the Theory of Computing (STOC), 1995.

7. R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R.

Molva and M. Yung,“Systematic design of two-party authentication protocols,” IEEE Journal onSelected Areas in Communications (special issue on Secure

Communications),11(5):679–693, June 1993. (Preliminary version: Crypto’91.)

8. S. Blake-Wilson, D. Johnson and A. Menezes, “Key exchange protocols andtheir security analysis,”

Proceedings of the sixth IMA International Conferenceon

Cryptography and Coding, 1997.

9. S. Blake-Wilson and A. Menezes, “Entity authentication and key transport protocolsemploying asymmetric techniques”, Security Protocols Workshop, 1997.

10. M. Burrows, M. Abadi and R. Needham, “A logic for authentication,” DECSystems Research Center Technical

Report 39, February 1990. Earlier versionsin Proceedings of the Second Conference on Theoretical Aspects of

Reasoningabout Knowledge, 1988, and Proceedings of the

Twelfth ACMSymposium onOperating Systems Principles,

1989.

BIOGRAPHIES

Chitti.Rameshkumar a Student inM.Tech

(CSE) in Sarada Institute ofScienceTechnologyAndManagement,Srik akulam. He Received His B.Tech (IT) from

Sarada Institute of ScienceTechnologyAnd

Management (SISTAM), Srikakulam.

HisinterestingareasareComputer networks,java and oracle database.

Ramesh Kumar behara is working asAsst.professor in Sarada Institute ofScience, Technology AndManagement,

Srikakulam, AndhraPradesh. He received his M.Tech (CSE)FromSarada Institute of

Science,Technology AndManagement,

Srikakulam, AndhraPradesh.JNTU

Kakinada Andhra Pradesh. His research

Areas includes Network Security.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 255

Download