Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Secure encrypted steganography graphical password scheme for near field communication smartphone access control system
Cheong S., Ling H., Teh P. Expert Systems with Applications: An International Journal41 (7):3561-3568,2014.Type:Article
Date Reviewed: Apr 23 2015

A two-factor authentication near-field communication (NFC) smartphone access control system is proposed in this paper as an emerging alternative to traditional authentication schemes. The authors combine the usage of digital key cryptography with a proprietary encryption steganography graphical password (ESGP) scheme on the assumption that humans remember images better than numbers.

The authors clearly present their idea and detail the proposed implementation, emphasizing the fact that the ESGP scheme is meant “to increase the security level of existing NFC smartphone access control systems.”

The enrollment phase of the system requires either the user’s photo, in any form, or a random object capture, which will represent the base for the stego-photo generation. Also, a graphical password is generated, after choosing a sequence of three pictures from a 3x3 grid of graphics. The password will serve as a symmetrical key, used to encrypt the access passcode. Finally, via steganography, the encrypted passcode is embedded into the initial picture.

During the authentication process, after initializing the NFC communication between the smartphone and the system NFC reader, each user must provide the graphical password selected during the registration process and then submit the correct stego-photo, chosen from his mobile phone. As the steganography technique is applied so that it doesn’t visibly alter the initial image, it is difficult for an attacker to forge both the digital password and the stego-photo. Upon successful extraction and decryption of the embedded passcode, the user is authenticated within the system.

Also, the paper details the hardware setup of the proposed architecture, used as an access control system for a door lock. This comprises an NFC reader, a controller, a stepper motor with door lock, and a central server, which hosts the user management application.

In the final section of the paper, the authors detail the evaluation of their system, done using a seven-point Likert scale and 40 volunteer participants, in order to measure the “usability, perceived vulnerability, and perceived security of the system.” The survey showed that the system gained a high level of acceptance, especially due to its two-factor authentication mechanism and the emerging graphical password steganography technique used.
Reviewer:  Patriciu Victor-Valeriu Review #: CR143385 (1507-0601)
Bookmark and Share
 
Data Encryption (E.3 )
 
 
Access Schemes (C.2.5 ... )
 
 
Authentication (K.6.5 ... )
 
 
Portable Devices (C.5.3 ... )
 
Would you recommend this review?
yes
no
Other reviews under "Data Encryption": Date
ESA/390 integrated cryptographic facility
Yeh P., Ronald M. S. IBM Systems Journal 30(2): 192-205, 1991. Type: Article		 Feb 1 1992
Design and implementation of an RSA cryptosystem using multiple DSP chips
Er M., Wong D., Sethu A., Ngeow K. Microprocessors & Microsystems 15(7): 369-378, 1991. Type: Article		 Nov 1 1993
An introduction to cryptography
Diffie W. (ed), Hellman M., John Wiley & Sons, Inc., New York, NY, 1984. Type: Book (9780471262336)		 Feb 1 1986
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy