
A Hybrid Dynamic Encryption Scheme for Multi-Factor Verification: A Novel Paradigm for Remote Authentication

A significant percentage of security research that is conducted suffers from common issues that prevent wide-scale adoption. Common snags of such proposed methods tend to include (i) introduction of additional nodes within the communication architecture, breaking the simplicity of the typical client...


Bibliographic Details
Main authors: Obaidat, Muath, Brown, Joseph, Obeidat, Suhaib, Rawashdeh, Majdi
Format: Online Article Text
Language: English
Published: MDPI 2020
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7435875/
https://www.ncbi.nlm.nih.gov/pubmed/32751189
http://dx.doi.org/10.3390/s20154212
author Obaidat, Muath
Brown, Joseph
Obeidat, Suhaib
Rawashdeh, Majdi
collection PubMed
description A significant percentage of security research that is conducted suffers from common issues that prevent wide-scale adoption. Common snags of such proposed methods tend to include (i) introduction of additional nodes within the communication architecture, breaking the simplicity of the typical client–server model, or fundamental restructuring of the Internet ecosystem; (ii) significant inflation of responsibilities or duties for the user and/or server operator; and (iii) adding increased risks surrounding sensitive data during the authentication process. Many schemes seek to prevent brute-forcing attacks; they often ignore either partially or holistically the dangers of other cyber-attacks such as MiTM or replay attacks. Therefore, there is no incentive to implement such proposals, and it has become the norm instead to inflate current username/password authentication systems. These have remained standard within client–server authentication paradigms, despite insecurities stemming from poor user and server operator practices, and vulnerabilities to interception and masquerades. Besides these vulnerabilities, systems which revolve around secure authentication typically present exploits of two categories; either pitfalls which allow MiTM or replay attacks due to transmitting data for authentication constantly, or the storage of sensitive information leading to highly specific methods of data storage or facilitation, increasing chances of human error. This paper proposes a more secure method of authentication that retains the current structure of accepted paradigms, but minimizes vulnerabilities which result from the process, and does not inflate responsibilities for users or server operators. 
The proposed scheme uses a hybrid, layered encryption technique alongside a two-part verification process, and provides dynamic protection against interception-based cyber-attacks such as replay or MiTM attacks, without creating additional vulnerabilities for other attacks such as bruteforcing. Results show the proposed mechanism outperforms not only standardized methods, but also other schemes in terms of deployability, exploit resilience, and speed.
format Online
Article
Text
id pubmed-7435875
institution National Center for Biotechnology Information
language English
publishDate 2020
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-7435875 2020-08-25 Sensors (Basel) Article MDPI 2020-07-29 /pmc/articles/PMC7435875/ /pubmed/32751189 http://dx.doi.org/10.3390/s20154212 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
title A Hybrid Dynamic Encryption Scheme for Multi-Factor Verification: A Novel Paradigm for Remote Authentication
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7435875/
https://www.ncbi.nlm.nih.gov/pubmed/32751189
http://dx.doi.org/10.3390/s20154212