[attachment=11377]
LOCKER SECURITY SYSTEM IN ADVANCED BANKING USING
efficient OTP generation using stream cipher with random digit
ABSTRACT
The ID and password is the most classical method among authentication techniques on the internet, and is performed more easily and successfully than other methods. However, it is a vulnerable method against attacks such as eavesdropping or replay attack. To overcome this problem, OTP technique is used. The most popular OTP is HOTP algorithm, which is based on one-way hash function SHA-1. It is a cornerstone of initiative for Open Authentication (OATH), it was published as an information IETF RFC 4226 in December 2005. As recent researches show the weakness of the hash function, to overcome this problem we need a new algorithm to replace them. In this paper we propose a method of creating one time password key using Ping Pong-128 stream cipher. Ping Pong is bit based stream cipher and it is designed with both security and efficiency in mind to satisfy the need for lightweight algorithm. We also use random digit, which it safe from attacks to creating a variable with the digit of the OTP.
Safe deposit lockers is one of the attractive features offered by the bank to provide customer satisfaction. Most of the time the bank lockers are stored in highly protected vaults that are inaccessible to the public. Access to a safe deposit locker requires a series of identity challenges that vary by bank, but are designed to ensure that only the customer has access to the contents of his or her locker.
One of the cost effective methods to meet the above challenges are password generation with network security. The algorithm which is used for password generation is OTP generation using stream cipher with random digit.
Ref: IEEE Advanced Communication Technology (ICACT), Issue Date: 7-10 Feb. 2010, Volume: 2 On page(s): 1670 - 1675,
Date of Current Version: 01 April 2010
PLATFORM & SOFTWARE USED:
ASP /Asp.Net 2.0 and Sql Server 2000, VB Script, Java Script (Client Side programming)
TEAM SIZE:
Team of 3 Programmers
TIME FRAME FOR THE PROJECT COMPLETION:
3 Months
PROJECT DOMAIN DESCRIPTION:
The Ping-Pong family of key stream generator is based on the LM-type summation generator. A mutual- clock-control mechanism is added to the LM-type summation generator to provide a security enhancement. PingPong-128, a specific cipher from the Ping-Pong family, is proposed. It takes a 128-bit key and a 128-bit initialization vector, has 257 bits of internal state, and achieves a security level of 128 bits. In this paper, we present the security analysis of PingPong-128, including the resistance to known attacks against the summation generator and other clock-controlled generators.
One of the current trends in cryptography is to search for new approaches to the cryptographic algorithms design. One such possibility is to use the other algebraic structures, such as a quasigroup, rather than the traditional. Quasigroups are equivalent to more familiar Latin squares. One of quasigroups' important properties is that all possible elements of certain quasigroup occur with equal probability. Testing properties of quasigroups of a large order isn't trivial, effective methods are necessary. There are described statistical experiments on various types of data, on various types of guasi-groups in this paper; experiments were done within a framework of a simple quasigorup hash function. The distribution of hash value's changes, for given quasigroup and for given testing data, with respect to bit change in them and with respect to the positions of changed bits were measured.
Secure Messenger is an Application, used to encrypt and decrypt the message. This encrypts and decrypt based on Quasigroups Cryptographic Algorithm (QCA). This messenger used to send encrypted message to Target user (end user or target mobile should have same version of Secure Messenger) or target mobile. This SMS Message is used to transform money between two peoples. This SMS Message is encrypted on your mobile and Encrypted Message is passed on the network. Even though Network operator cannot detect or read the encrypted message in this application for sending encrypted SMS messages using cryptographic methods based on theory of quasigroups is proposed. The encryption algorithm is characterized by a secret key. The application is develop using programming language Java . Our approach to this problem is to develop an application that can be used in mobile devices to encrypt messages that are about to be sent. Naturally de-cryption for encrypted messages is also provided. The encryption and decryption are characterized by a secret key that all legal parties have to posses.
In addition to cryptographic strength, things to consider when developing this type of an application for mobile devices are limitations in memory and processing capacity. Quasigroups are well suited for encryption of this type of data. The cryptographic strength of quasigroup based encryption has been examined.
SCOPE OF THE PROJECT COVERING MODULES IN WHICH WE INTEND TO INTEGRATE IEEE ABSTRACT ABOVE GIVEN:
When the client wants to access their locker, they are asked to enter their locker number, date of birth and secret Password in the system. The system will generate a password randomly using Ping Pong algorithm. The password generated is encrypted using Quasigroup Cryptographic algorithm and it is sent to the SMS from the Server. The customer then enters this Security PIN in the system, and the system will generate access granted/denied ticket which will allow the client to access their locker.
• Locker Holder Profile
o It Contain One, Two or Three Persons can be Jointly open a Locker
o Every Profile Must entered the Mandatory Fields and all persons Photos Identification.
• Collections & Billing
o Cash / Cheque / DD Collection Entry & Bill sent to Customer Email & SMS Sent to his Mobile
• SMS Authorization to Customer
o If one locker holds more than one person, the access person get the Security Access One time PIN & Other Person can authorize his / her mobile via SMS.
o SMS must receive certain period from generating Access One Time PIN the PIN was expired, then he/she recreate the PIN and again authenticate others, Unless the person could not enter the locker room
• Locker Renewal Remainder
o SMS Will Send Automatically to the Customer and intimate the Renewal Information.
• Locker Master
o Locker Contains Different Type if Capacity in Cube MM. Every Locker have unique Locker ID, and Key No (Given by the Locker Production Company)
• Locker Statistics
o View in Graphical Representation for the Individual Locker Type
o View Locker Statistics and Locker Revenue
• MIS Reports