Abstract
Information security has been a critical issue in the field of information systems. One of the key factors in the security of a computer system is how to identify the authorization of users. Password-based user authentication is widely used to authenticate a legitimate user in the current system. In conventional password-based user authentication schemes, a system has to maintain a password table or verification table which stores the information of users’ IDs and passwords. Although the one-way hash functions and encryption algorithms are applied to prevent the passwords from being disclosed, the password table or verification table is still vulnerable. In order to solve this problem, in this paper, we apply the technique of back-propagation network instead of the functions of the password table and verification table. Our proposed scheme is useful in solving the security problems that occurred in systems using the password table and verification table. Furthermore, our scheme also allows each user to select a username and password of his/her choice.
Access this article
Rent this article via DeepDyve
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs00521-004-0460-x/MediaObjects/s00521-004-0460-xflb1.gif)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs00521-004-0460-x/MediaObjects/s00521-004-0460-xflb2.gif)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs00521-004-0460-x/MediaObjects/s00521-004-0460-xflb3.gif)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs00521-004-0460-x/MediaObjects/s00521-004-0460-xflb4.gif)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs00521-004-0460-x/MediaObjects/s00521-004-0460-xfhb5.jpg)
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Bleha S, Obaidat MS (1991) Dimensionality reduction and feature extraction applications in identifying computer users. IEEE Trans Syst Man Cybern 21:452–456
Chang CC, Hwang RJ, Daniel JB (1993) Using smart cards to authenticate passwords. In: IEEE International Carnahan conference on Security technology, pp 154–156
Chang CC, Hwang SJ (1993) Using smart cards to authenticate remote passwords. Comput Math Appl 26(7):19–27
Damgard IB (1989) A design principle for hash functions. In: Advances in Cryptology, CRYPTO’89, pp 416–427
Evans A Jr, Kantrowitz W, Weiss E (1974) A user authentication scheme not requiring secrecy in the computer. Commun ACM 17:437–442
Ford W (1992) Security techniques for network management. In: Advanced Communications and Applications for High Speed Networks, pp 133–149
Hwang MS (1999) Cryptanalysis of remote login authentication scheme. Comput Commun 22(8):742–744
Hwang MS (1999) A remote password authentication scheme based on the digital signature method. Int J Comput Math 70:657–666
Hwang MS, Lee CC, Tang YL (2001) An improvement of SPLICE/AS in WIDE against guessing attack. Int J Inform 12(2):297–302
Hwang M-S, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Trans Consumer Electron 46(1):28–30
ISO/IEC 9797. Data cryptographic techniques-Data integrity mechanism using a cryptographic check functionemploying a block cipher algorithm. Internal Organization for Standardization
Jan JK, Chen YY (1998) ’Paramita wisdom’ password authentication scheme without verification tables. J Syst Software 42:45–57
Jobush DL, Oldehoeft AE (1989) A survey of password mechanisms: weakness and potential improvements. Comput Security 8:587–604
Li LH, Lin IC, Hwang MS (2001) A remote password authentication scheme for multiserver architecture using neurnal networks. IEEE Trans on Neurnal Netw 12(6):1498-1504
Lippman RP (1987) An introduction to computing with neural nets. IEEE ASSP Magazine, pp 4–22
Merkle RC (1989) One way hash function and DES. In: Advances in Cryptology-CRYPTO’89, pp 428–446
Merkle RC (1990) A fast software one-way hash function. J Cryptogr 3(1):43–58
Morris R, Thompson K (1979) Password security: a case history. Communi ACM 22:594–597
Needham RM, Schroeder MD (1978) Using encryption for authentication in large networks of computers. Communi ACM 21:993–999
Neuman BC, Ts’o T (1994) Kerberos: an authentication service for computer networks. IEEE Communi Mag 32(9):33–38
Obaidat MS, Macchiarolo DT (1994) An multilayer neural network system for computer access security. IEEE Trans Syst Man Cybern 24:806–813
Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public key cryptosystems. Communi ACM 21:120–126
Roth M (1990) Survey of neural network technology for automatic target recognition. IEEE Trans Neural Netw 1:28–43
Soh BC, Dillon TS (1995) Setting optimal intrusion-detection thresholds. Computers & Security 14:621–631
Manber U (1996) A simple scheme to make passwords based on one-way function much harder to crack. Comput Security 15(2):171–176
Yang CY, Lee CC, Hsiao SY (2005) Man-in-the-middle attack on the authentication of the user from the remote autonomous object. Int J Network Security 1(1):22–24
Acknowledgements
The authors wish to thank many anonymous referees for their suggestions to improve this paper.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lin, IC., Ou, HH. & Hwang, MS. A user authentication system using back-propagation network. Neural Comput & Applic 14, 243–249 (2005). https://doi.org/10.1007/s00521-004-0460-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-004-0460-x