A Password-based Authentication System based on The CAPTCHA AI Problem

Powerful cryptographic systems based on mathematically hard problems are utilized to ensure tighter security for data communication purposes. However, these traditional cryptographic systems are bound to fail in the ensuing era of quantum computing. Thus, Artificial Intelligence (AI) inspired securi...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2020-01, Vol.8, p.1-1
Main Authors: Alajmi, Masoud, Elashry, Ibrahim, El-Sayed, Hala S., Faragallah, Osama S.
Format: Article
Language:English
Subjects:
Adaptive systems
AI hard problems
Artificial intelligence
Authentication
CAPTCHA
Cryptography
Data communication
Logic
Parameter sensitivity
Password-based Authentication
Passwords
Quantum computing
Security
Servers
Statistical analysis
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Powerful cryptographic systems based on mathematically hard problems are utilized to ensure tighter security for data communication purposes. However, these traditional cryptographic systems are bound to fail in the ensuing era of quantum computing. Thus, Artificial Intelligence (AI) inspired security methods are needed to secure communications in the era of quantum computing. This paper presents a challenge-response password-based authentication system based on the Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) AI hard problem. In this system, a server sends a challenge text to a client, then the client generates a random image and blends the challenge text inside this random image using his password. Then the client sends the generated image to the server. The server extracts the challenge text from the sent image using his copy of the client's password. If the extracted challenge text is the same as the sent challenge text, then both the client's and the server's copies of the password match and the client is authenticated. The efficiency of the proposed system is analyzed and the outcomes prove that the proposed system is efficient in terms of time and space. Also, a security investigation of the proposed system is employed, and the results prove that the system is probabilistic and very sensitive to changes in its parameters. It does not leak any statistical information about the client's password and the generated images cannot be distinguished from random images. In addition, the security of the proposed system is analyzed against two possible attacks; the brute force attack and the replay attack and the results prove that the proposed system is immune to these attacks. Finally, the proposed system is ensured to be indistinguishably secure against an adaptive chosen-challenge text attack (IND-ACCTA), based on the CAPTCHA AI hard problem when the hash function H is modeled as a random oracle.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2020.3018659