Password authentication based on fractal coding scheme. (English) Zbl 1264.94106

Summary: Password authentication is a mechanism used to authenticate user identity over insecure communication channel. In this paper, a new method to improve the security of password authentication is proposed. It is based on the compression capability of the fractal image coding to provide an authorized user a secure access to registration and login process. In the proposed scheme, a hashed password string is generated and encrypted to be captured together with the user identity using text to image mechanisms. The advantage of fractal image coding is to be used to securely send the compressed image data through a non-secure communication channel to the server. The verification of client information with the database system is achieved in the server to authenticate the legal user. The encrypted hashed password in the decoded fractal image is recognized using optical character recognition. The authentication process is performed after a successful verification of the client identity by comparing the decrypted hashed password with those which was stored in the database system. The system is analyzed and discussed from the attacker’s viewpoint. A security comparison is performed to show that the proposed scheme provides an essential security requirement, while its efficiency makes it easier to be applied alone or in hybrid with other security methods. Computer simulation and statistical analysis are presented.


94A62 Authentication, digital signatures and secret sharing
68P25 Data encryption (aspects in computer science)
Full Text: DOI


[1] C. Stoneff, “Fixing weak passwords,” 2010, http://www.net-security.org/article.php?id=1528.
[2] L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, vol. 24, no. 11, pp. 770-772, 1981.
[3] H. Y. Chien, J. K. Jan, and Y. M. Tseng, “An efficient and practical solution to remote authentication: smart card,” Computers and Security, vol. 21, no. 4, pp. 372-375, 2002.
[4] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28-30, 2000.
[5] M. Kumar, “A new secure remote user authentication scheme with smart cards,” International Journal of Network Security, vol. 11, no. 2, pp. 88-93, 2010.
[6] K. Saraswathi, B. Jayaram, and R. Balasubramanian, “Retinal biometrics based authentication and key exchange system,” International Journal of Computer Application, vol. 19, no. 1, 2011.
[7] Y. An, “Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards,” Journal of Biomedicine and Biotechnology, vol. 2012, Article ID 519723, 6 pages, 2012.
[8] J. K. Lee, S. R. Ryu, and K. Y. Yoo, “Fingerprint-based remote user authentication scheme using smart cards,” Electronics Letters, vol. 38, no. 12, pp. 554-555, 2002.
[9] C. T. Wang, T. S. Chen, and S. H. He, “Detecting and restoring the tampered images based on iteration-free fractal compression,” Journal of Systems and Software, vol. 67, no. 2, pp. 131-140, 2003. · Zbl 05433974
[10] E. J. Yoon and K. Y. Yoo, “A secure chaotic hash-based biometric remote user authentication scheme using mobile devices,” in Advance in web and Network Technologies and Information Management, vol. 4537 of Lecture Notes in Computer Science, 2007.
[11] I. Motýl and R. Ja\vsek, “Advanced user authentication process based on the principles of fractal geometry,” in Proceedings of the 11th WSEAS International Conference on Signal Processing, Computational Geometry and Artificial Vision (ISCGAV ’11), pp. 109-112, 2011.
[12] M. F. Barnsley and S. Demko, “Iterated function systems and the global construction of fractals,” Proceedings of the Royal Society. London. Series A, vol. 399, no. 1817, pp. 243-275, 1985. · Zbl 0588.28002
[13] M. F. Barnsley and L. P. Hurd, Fractal Image Compression, A K Peters, Wellesley, Mass, USA, 1993. · Zbl 0796.68186
[14] C. H. Li and S. S. Wang, “Digital watermarking based on fractal image coding,” Journal of the Chinese Institute of Engineers, vol. 23, no. 6, pp. 759-766, 2000.
[15] A. Jacquin, A fractal theory of iterated markov operators with application to digital image coding [Doctoral thesis], Georgia Institute of Technology, 1989.
[16] Y. Fisher, Fractal Image Compression, Springer, New York, NY, USA, 1995. · Zbl 0903.68211
[17] J. Puate and F. D. Jordan, “Using fractal compression scheme to embed a digital signature into an image,” in Video Techniques and Software for Full-Service Networks, vol. 2915 of Proceedings of SPIE, pp. 108-118, Boston, Mass, USA, November 1996.
[18] M. F. Barnsley, Fractals Everywhere, Academic Press Professional, Boston, Mass, USA, 2nd edition, 1993. · Zbl 0784.58002
[19] N. M. G. Al-Saidi and M. R. Md. Said, “A new approach in cryptographic systems using fractal image coding,” Journal of Mathematics and Statistics, vol. 5, no. 3, pp. 183-189, 2009. · Zbl 1184.94223
[20] N. M. G. Al-Saidi and M. R. M. Said, “Improved digital signature protocol using iterated function systems,” International Journal of Computer Mathematics, vol. 88, no. 17, pp. 3613-3625, 2011. · Zbl 1252.94104
[21] W. Yung-Gi, H. Ming-Zhi, and W. Yu-Ling, “Fractal image compression with variance and mean,” in Proceedings of the International Conference on Multimedia and Expo (ICME ’03), vol. 2, pp. 353-356, 2003.
[22] Z. Yuliang, “Authenticated Public Key Encryption Schemes using Universal Hashing,” IEEE P1363: Asymmetric Encryption, 1998.
[23] W. Diffie and M. E. Hellman, “New directions in cryptography,” IEEE, vol. 22, no. 6, pp. 644-654, 1976. · Zbl 0435.94018
[24] C. Blundo and P. D’Arco, “The key establishment problem,” in Foundations of Security Analysis and Design II, vol. 2946 of Lecture Notes in Computer Science, 2004. · Zbl 1202.68165
[25] S. Vicky, H. Heather, and S. Samantha, “Optical character recognition and the visually impaired,” American Foundation for the Blind, vol. 59, pp. 1-10, 2010.
[26] M. Peyravian and N. Zunic, “Methods for protecting password transmission,” Computers and Security, vol. 19, no. 5, pp. 466-469, 2000.
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. It attempts to reflect the references listed in the original paper as accurately as possible without claiming the completeness or perfect precision of the matching.