TWO FACTOR AUTHENTICATION USING TWOFISH ENCRYPTION AND VISUAL CRYPTOGRAPHY ALGORITHMS FOR SECURE DATA COMMUNICATION

The growing dependence of human needs on the Internet has pleased the need for secure and confidential processing of data on the World Wide Web. Therefore, the safe processing of information entails the needfor speed and availability ofsystems. Improving the reliability and privacy ofsystems directly depends on a fully protected authentication method. There are various authentication and protection methods that have been developed to ensure confidentiality and security. Their main part is based on an alphanumeric password, and only a small part is classified as two-factor authentication. In this article, we offer an improved graphical authentication method based on Twofish Encryption algorithm and Visual Cryptography (TEVC). The proposed TEVC is organized in such a way that it is impossible to predict the correct graphic password, and is further complicated by the fact that for authentication it is necessary to present its correct order, which makes it safer than an alphanumeric password. TEVC was developed and tested in the programming language JAVA. After testing, we can argue that the proposed authentication method satisfies the necessary security requirements. TEVC has been identified as a convenient and secure authentication method with less time complexity compared to other known authentication methods.

1. Yang, G., & Hwang, J. (2017). U. S. Patent No. 9, 679,123. Washington, DC: U. S. Patent and Trademark Office.

2. Go, W., Lee, K., & Kwak, J. (2014). Construction of a secure two-factor user authentication system using fingerprint information and password. Journal of Intelligent Manufacturing, 25 (2), 217-230.

3. Anwar, M., & Imran, A. (2015). A Comparative Study of Graphical and Alphanumeric Passwords for Mobile Device Authentication. In MAICS (pp. 13-18).

4. Petsas, T., Tsirantonakis, G., Athanasopoulos, E., & Ioannidis, S. (2015, April). Two-factor authentication: is the world ready?: quantifying 2FA adoption. In Proceedings of the eighth european workshop on system security (p. 4). ACM.

5. Erdem, E., & Sandikkaya, M. T. (2019). OTPaaS—One Time Password as a Service. IEEE Transactions on Information Forensics and Security, 14 (3), 743-756.

6. Persson, O., & Wermelin, E. (2017). A Theoretical Proposal of Two-Factor Authentication in Smartphones.

7. Raypure, R. M., &Keswani, V. (2017). Implementation For Data Hiding Using Visual Cryptography.

8. Chanda, K. (2016). Password security: an analysis of password strengths and vulnerabilities. In ternational Journal of Computer Network and Information Security, 8 (7), 23.

9. Thomas, K., Li, F., Zand, A., Barrett, J., Ranieri, J., Invernizzi, L., ... & Margolis, D. (2017, Oc­tober). Data breaches, phishing, or malware?: Understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 1421-1434). ACM.

10. Gualdoni, Joseph, et al. “Secure Online Transaction Algorithm: Securing Online Transaction Using Two-Factor Authentication.” Procedia computer science 114 (2017): 93-99.

11. Cherdmuangpak, Niramai, Tanapat Anusas-amonkul, and BenchaphonLimthanmaphon. “Two factor image-based password authentication for junior high school students.” 2017 14th Interna­tional Joint Conference on Computer Science and Soft ware Engineering (JCSSE). IEEE, 2017.

12. Khandelwal, N. S., & Kamboj, P. (2015, January). Notice of Retraction Two factor authentication using Visual Cryptography and Digital Envelope in Kerberos. In 2015 International conference on electrical, electronics, signals, communication and optimization (EESCO) (pp. 1-6). IEEE.

13. Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards & Interfaces, 32 (5-6), 321-325.

14. Zhao, H., & Li, X. (2007, May). S3PAS: A scalable shoulder-surfing resistant textual-graphical password authentication scheme. In 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW’07) (Vol. 2, pp. 467-472). IEEE.

15. Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern recognition, 37 (11), 2245-2255.

16. Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., & Ferguson, N. (1998). Twofish: A 128-bit block cipher. NIST AES Proposal, 15, 23.

17. Ibrahim, R., & Kuan, T. S. (2011). Steganography algorithm to hide secret message inside an image. arXiv preprint arXiv:1112.2809.