Skip to main content
SpringerLink
Log in

An Enhancement of Kerberos Using Biometric Template and Steganography

  • Conference paper
  • First Online:
Cyber Security and Computer Science (ICONCS 2020)

Included in the following conference series:

Abstract

Kerberos, a renowned token based authentication protocol, which is famous since mid-80’s for its cryptographic process, assurance of privacy, and data security for identifying appropriate users. Due to its versatile characteristics, users of the system often need to remember complex passwords as the good practice of the method requires update of the same within a defined time-frame which becomes bit difficult for users to cope up with. At the same time, it also not provides adequate channel security to transmit the user credential between the pathway of the client and server. Therefore, researchers are trying to find out a simple solution where user does not necessitate to memorize the passwords where it could guarantee better user validation. In this paper, an enhancement of Kerberos authentication model has been proposed where biometric template and Steganography are incorporated to solve the existing weaknesses. Instead of taking username and password, the new solution will take a pair of random fingerprints from the user and convert it into a hash. It will then embed the hash in the randomized image and send it to the server for authentication. A security analysis of the proposed protocol is proven using BAN logic in this article where it ensures reliability, practicability and security of the enhanced Kerberos protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 159.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Kumar, A., Ome, H.: An improved and secure multiserver authentication scheme based on biometrics and smartcard. Digit. Commun. Netw. 4(1), 27–38 (2018)

    Article  Google Scholar 

  2. Van Dijk, M., et al.: Providing authentication codes which include token codes and biometric factors. U.S. Patent No. 8,752,146, 10 June 2014

    Google Scholar 

  3. Shanmugapriya, D., Padmavathi, G.: A survey of biometric keystroke dynamics: approaches, security and challenges. arXiv preprint arXiv:0910.0817 (2009)

  4. Brostoff, S., Sasse, M.A.: Are passfaces more usable than passwords? A field trial investigation. In: McDonald, S., Waern, Y., Cockton, G. (eds.) People and Computers XIV – Usability or Else!, pp. 405–424. Springer, London (2000). https://doi.org/10.1007/978-1-4471-0515-2_27

    Chapter  Google Scholar 

  5. Kesanupalli, R.: Fingerprint sensor device and system with verification token and methods of using. U.S. Patent Application No. 12/561,186

    Google Scholar 

  6. Hessler, C.J.: Method for mobile security via multi-factor context authentication. U.S. Patent No. 8,935,769, 13 January 2015

    Google Scholar 

  7. Ashibani, Y., Kauling, D., Mahmoud, Q.H.: Design and implementation of a contextual-based continuous authentication framework for smart homes. Appl. Syst. Innov. 2(1), 4 (2019)

    Article  Google Scholar 

  8. Koong, C.-S., Yang, T.-I., Tseng, C.-C.: A user authentication scheme using physiological and behavioral biometrics for multitouch devices. Sci. World J. 2014, 1–12 (2014)

    Article  Google Scholar 

  9. Mukhamedov, A.: Full agreement in BAN kerberos. In: 2005 Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, pp. 218–223. Citeseer (2005)

    Google Scholar 

  10. Lo, G.: A hierarchy of authentication specifications. In: Proceedings of the 10th Computer Security Foundations Workshop (CSFW 1997). IEEE Computer Society (1997)

    Google Scholar 

  11. Kasslin, K., Tikkanen, A.: Kerberos V Security: ReplayAttacks. Enhancing Trust, Citeseer, p. 191

    Google Scholar 

  12. Fan, K., Li, H., Wang, Y.: Security analysis of the kerberos protocol using BAN logic. In: 2009 Fifth International Conference on Information Assurance and Security (2009). https://doi.org/10.1109/ias.2009.320

  13. Leu, J.-S., Hsieh, W.-B.: Efficient and secure dynamic ID-based remote user authentication scheme for distributed systems using smart cards. IET Inf. Secur. 8(2), 104–113 (2013)

    Article  Google Scholar 

  14. Tsai, J.-L., Lo, N.-W., Tzong-Chen, W.: Novel anonymous authentication scheme using smart cards. IEEE Trans. Ind. Inform. 9(4), 2004–2013 (2012)

    Article  Google Scholar 

  15. Yang, G., et al.: Two-factor mutual authentication based on smart cards and passwords. J. Comput. Syst. Sci. 74(7), 1160–1172 (2008)

    Article  MathSciNet  Google Scholar 

  16. Chen, B.-L., Kuo, W.-C., Wuu, L.-C.: Robust smart-card-based remote user password authentication scheme. Int. J. Commun Syst 27(2), 377–389 (2014)

    Article  Google Scholar 

  17. Chattaraj, D., Sarma, M., Das, A.K.: A new two-server authentication and key agreement protocol for accessing secure cloud services. Comput. Netw. 131, 144–164 (2018)

    Article  Google Scholar 

  18. Chaturvedi, A., et al.: A privacy preserving biometric-based three-factor remote user authenticated key agreement scheme. J. Inf. Secur. Appl. 32, 15–26 (2017)

    Google Scholar 

  19. Nacer, H., et al.: A distributed authentication model for composite web services. Comput. Secur. 70, 144–178 (2017)

    Article  Google Scholar 

  20. Das, S., et al.: Lip biometric template security framework using spatial steganography. Pattern Recogn. Lett. 126, 102–110 (2019)

    Article  Google Scholar 

  21. Bhatnagar, G., Wu, Q.M.J., Raman, B.: Biometric template security based on watermarking. Procedia Comput. Sci. 2, 227–235 (2010)

    Article  Google Scholar 

  22. Bedi, P., Bansal, R., Sehgal, P.: Multimodal biometric authentication using PSO based watermarking. Procedia Technol. 4, 612–618 (2012)

    Article  Google Scholar 

  23. Sajjad, M., et al.: CNN-based anti-spoofing two-tier multi-factor authentication system. Pattern Recogn. Lett. 126, 123–131 (2019)

    Article  Google Scholar 

  24. Kadhim, I.J., et al.: Comprehensive survey of image steganography: techniques, evaluations and trends in future research. Neurocomputing 335, 299–326 (2019)

    Article  Google Scholar 

  25. Minz, K.S., Yadav, P.S.: A review on secure communication method based on encryption and steganography. Complexity 6(01) (2019)

    Google Scholar 

  26. Sharma, U.: A review on various approaches of data hiding for secure data transmission (2019)

    Google Scholar 

  27. Jeong, Y.-S., Lee, B.-K., Lee, S.-H.: An efficient device authentication protocol using bioinformatic. In: Wang, Y., Cheung, Y., Liu, H. (eds.) CIS 2006. LNCS (LNAI), vol. 4456, pp. 567–575. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74377-4_59

    Chapter  Google Scholar 

  28. Alturki, F., Mersereau, R.: A novel approach for increasing security and data embedding capacity in images for data hiding applications. In: Proceedings International Conference on Information Technology: Coding and Computing. IEEE (2001)

    Google Scholar 

  29. Ali, S.S., et al.: Polynomial vault: a secure and robust fingerprint based authentication. IEEE Trans. Emerg. Top. Comput. (2019)

    Google Scholar 

  30. Lee, J.K., Ryu, S.R., Yoo, K.Y.: Fingerprint-based remote user authentication scheme using smart cards. Electron. Lett. 38(12), 554–555 (2002)

    Article  Google Scholar 

  31. Wangkeeree, N., Boonkrong, S.: Finding a suitable threshold value for an iris-based authentication system. Int. J. Electr. Comput. Eng. 9, 3558 (2019). (2088–8708)

    Google Scholar 

  32. Mare, S.F., Vladutiu, M., Prodan, L.: Secret data communication system using Steganography, AES and RSA. In: 2011 IEEE 17th International Symposium for Design and Technology in Electronic Packaging (SIITME). IEEE (2011)

    Google Scholar 

  33. Korukonda, V.R., Reddy, E.S.: Iris based texture analysis for verification and detection: revisit (2019)

    Google Scholar 

  34. Kannavara, R., Bourbakis, N.: Iris biometric authentication based on local global graphs: an FPGA implementation. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications. IEEE (2009)

    Google Scholar 

  35. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. In: ACM Transactions on Computer Systems (TOCS), pp. 18–36. ACM, New York (1990)

    Google Scholar 

Download references

Acknowledgement

The authors would like to express their gratitude to the authority of Cyber Security Center, DIU (CSC, DIU) for the cooperation and support to execute the study.

Author information

Authors and Affiliations

  1. Daffodil International University, Dhaka, Bangladesh

    Munira Tabassum, Afjal H. Sarower & Md. Maruf Hassan

  2. Cyber Security Center, DIU, Dhaka, Bangladesh

    Munira Tabassum, Ashrafia Esha & Md. Maruf Hassan

Authors
  1. Munira Tabassum
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Afjal H. Sarower
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ashrafia Esha
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Md. Maruf Hassan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Md. Maruf Hassan .

Editor information

Editors and Affiliations

  1. Daffodil International University, Dhaka, Bangladesh

    Touhid Bhuiyan

  2. Daffodil International University, Dhaka, Bangladesh

    Md. Mostafijur Rahman

  3. Daffodil International University, Dhaka, Bangladesh

    Md. Asraf Ali

Rights and permissions

Reprints and permissions

Copyright information

© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tabassum, M., Sarower, A.H., Esha, A., Hassan, M.M. (2020). An Enhancement of Kerberos Using Biometric Template and Steganography. In: Bhuiyan, T., Rahman, M.M., Ali, M.A. (eds) Cyber Security and Computer Science. ICONCS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 325. Springer, Cham. https://doi.org/10.1007/978-3-030-52856-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-52856-0_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-52855-3

  • Online ISBN: 978-3-030-52856-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation