Dynamically generate a long-lived private key based on password keystroke features and neural network
Introduction
The rapid growth of networks, in terms of both number and size, encourages and forces the linking together of more computers in order to share various kinds of data and exchange huge amounts of information. The PKI (abbr. Public Key Infrastructure) is a collection of technologies, processes and organizational policies that support public-key cryptography applications to verify the relative authenticities. The PKI also provides various mechanisms to ensure the trusted relationships are established and well-maintained, as well as to certify the foundations of confidentiality, authentication, integrity and non-repudiation. With citizen digital certificates in the PKI, we can enjoy convenient and highly secure application services on the Internet, provided by diverse governmental agencies such as personal tax declarations and land administration services.
Cryptographic keys used for signatures and decryptions within a PKI environment can be generated in a centralized or decentralized manner. Under a centralized approach, the keys are generated and stored on a central server, and the keys are transmitted to the individual system when required. Hence, the central server is a trusted third party. It does, however, present one drawback: the third party can become a bottleneck for the entire system. Under a decentralized approach, individual computers generate and store the keys locally. A critical concept common to all PKIs, which must be understood and enforced, is that the private key must remain confidential at all times and be stored securely. Because the long-lived private key used in public-key cryptography for decrypting ciphertext or signing messages is a long random binary string (RSA keys are typically 1024–2048 bits long), it cannot be memorized by human beings. It therefore must be permanently stored somewhere for future use. This storage area is generally referred to as a key store. This rests on the assumption that the one person who has the ability and permission to access the key store is the owner of that private key.
In most software implementations, the user’s key store is protected by encrypting it with a normal symmetric encryption $E_k(\cdot)$ using a key $k$ taken from the hash $H(\cdot)$ of a password $pw$, denoted as $C = E_{H(pw)}(\text{key store})$. When the user wants to access his/her key store, s/he is prompted for the same password $pw$, which is used to decrypt $C$, recover the key store and give him/her access to the secret key. Unfortunately, in software implementations, passwords are relatively insecure because they come from a rather limited set of possibilities, and they are therefore vulnerable to the password guessing attack [3], [20], [28]. The password guessing attack is a kind of brute force attack in which the attacker works through a list of words, for example from a dictionary. Once the attacker obtains the storage and with it the ciphertext $C$ of the key store, then even though the symmetric key $k = H(pw)$ is taken from the hash of $pw$, the attacker can verify the correctness of a guessed password $pw'$ by checking whether holds or not. After revealing the victim’s password, the attacker is able to freely access his/her key store. At this point authenticity and non-repudiation can no longer be claimed or proven.
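The key-store construction above, $C = E_{H(pw)}(\text{key store})$, shown next to a salted, iterated key derivation, as an added Python example that is not code from the paper. The HMAC-based stand-in for $E_k$, the PBKDF2 alternative with its iteration count, and the sample password and key-store bytes are assumptions constructed for the illustration.

```python
import hashlib, hmac, os, time

def weak_key(pw: str) -> bytes:
    # The page's construction: k = H(pw), unsalted, one hash per guess.
    return hashlib.sha256(pw.encode()).digest()

def slow_key(pw: str, salt: bytes, iterations: int = 200_000) -> bytes:
    # Hardened variant (assumption, not from the page): salted PBKDF2.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations)

def _stream(key: bytes, n: int) -> bytes:
    # Stand-in for E_k: HMAC-SHA256 in counter mode (illustration only).
    blocks = (hmac.new(key, b"enc" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, key_store: bytes) -> bytes:
    body = bytes(a ^ b for a, b in zip(key_store, _stream(key, len(key_store))))
    tag = hmac.new(key, b"mac" + body, hashlib.sha256).digest()
    return tag + body

def unseal(key: bytes, blob: bytes):
    tag, body = blob[:32], blob[32:]
    good = hmac.new(key, b"mac" + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None  # wrong password: this yes/no result is the offline check
    return bytes(a ^ b for a, b in zip(body, _stream(key, len(body))))

def seconds_per_derivation(derive, rounds: int) -> float:
    start = time.perf_counter()
    for i in range(rounds):
        derive(f"guess-{i}")
    return (time.perf_counter() - start) / rounds

def demo() -> dict:
    key_store = b"-----constructed sample private key bytes-----"
    salt_a, salt_b = os.urandom(16), os.urandom(16)
    c_weak = seal(weak_key("sunshine1"), key_store)
    c_slow = seal(slow_key("sunshine1", salt_a), key_store)
    fast = seconds_per_derivation(weak_key, 2000)
    slow = seconds_per_derivation(lambda p: slow_key(p, salt_a), 3)
    return {
        "weak_roundtrip": unseal(weak_key("sunshine1"), c_weak) == key_store,
        "slow_roundtrip": unseal(slow_key("sunshine1", salt_a), c_slow) == key_store,
        "wrong_pw_rejected": unseal(weak_key("sunshine2"), c_weak) is None,
        "salt_separates_users": slow_key("sunshine1", salt_a) != slow_key("sunshine1", salt_b),
        "cost_ratio": slow / fast,  # work per password guess, slow vs. H(pw)
    }
```

The salted derivation raises the cost of each guess and prevents precomputed tables, but it does not enlarge the password space, which is the limitation the paper targets.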
Ellison et al. [7] used the concept of secret sharing to split up the key store into several parts. Each part is then encrypted separately, with a password independent of all the others. The attacker must successfully guess some of these passwords to decrypt the key store. Obviously, the security of the key store is then based on multiple passwords rather than a single password, and the attacker must spend more effort to reveal multiple passwords. However, since each password is simple and short enough to be remembered, the attacker can look over someone’s shoulder to get the passwords (shoulder-surfing attack).
Alternatively, there are other special cryptographic hardware implementations such as an IC (Integrated Circuit) card (so-called smart card, or chipped card) that can be implemented within a PKI to hold users’ private-key information. A key pair, i.e., public and private keys, can be created within hardware modules. Similarly, the user should be required to provide a PIN (Personal Identity Number) to authenticate his/her identity. In order to avoid an applicant losing his/her IC card, the cryptographic modules in an IC card should be internally generated and validated to meet at least the criteria specified by the FIPS (Federal Information Processing Standards Publication) 140-1 or 140-2 standards. The FIPS 140-1 and 140-2 standards were created by the NIST (National Institute of Standards and Technology, [22]) and specify requirements for the proper design and implementation of products that perform cryptography. Even if the PIN is known in advance, the private key stored in an IC card cannot be exported or copied for unauthorized purposes after generation. The processes for generating signatures or decrypting ciphertexts require inserting an IC card into a reader attached to a computer and providing an authorization code to access the IC card. IC cards usually provide a higher level of protection than holding the key in a software implementation, because they are more tamper-proof in nature. However, the powerful abilities of attackers cannot be ignored. In other words, the attacker may directly access the IC card chip with no password authentication. For example, as reported in [10], experts successfully cracked the encoding scheme with little effort to read out data stored in the IC card.
A private key is a crucial and fundamental component of any PKI implementation. In this paper, the neural network technique and password keystroke features are combined to dynamically generate the long-lived private key. This scheme overturns the traditional ways of protecting private keys. Even if the adversaries obtain the storage device or the password, revealing the user’s private key remains very difficult. The proposed scheme is able to reduce the vulnerability of password-based schemes when the password is revealed or the storage holding the private key is lost. In summary, a target output, namely a 2048-bit randomized binary integer vector (the “private key”), and a particular input, namely a vector of real numbers and integers (the “password keystroke features”) of the corresponding user, are used to train the layered neural network. After adjusting and training the layered neural network, only the weights and biases of the connections between neurons and the transfer functions used in the neurons are stored for generating the private key. When a valid user enters his/her password, the password keystroke features are fed into the trained layered neural network, which then generates the user’s private key. Note that the private key is not statically stored in the storage.
The organization of this paper is as follows. Section 2 introduces the basic types of keystroke features and how a layered neural network is able to learn the relationship between a particular input and output pair. Section 3 proposes the dynamic 2048-bit private key method based on keystroke features and the layered neural network. Attack results from human tests are presented in Section 4 to explain how the proposed method is able to protect the private key even if the corresponding password is revealed. Section 5 presents the computer-test brute force attack: the proposed method can reduce the probability of successfully mounting brute force attacks even if some information on the feature ranges is known. At the same time, the proposed scheme’s performance is evaluated. Discussions and conclusions are presented in Section 6.
Technical backgrounds
The technical backgrounds used in the proposed scheme are introduced in this section.
The proposed system
Based on keystroke features and neural networks, we propose a novel scheme for private key protection. The private key is dynamically generated in the proposed scheme rather than statically stored as in traditional approaches. Here, an example is given in Fig. 3 in order to explain the framework of the system.
The whole process for dynamically generating the private key system is composed of the following four phases: (a) application phase, (b) training phase, (c) key generation phase
Experimental results
The password-based schemes for protecting the private key depend solely on passwords. The proposed scheme also involves password keystroke features. To evaluate the system accuracy, two kinds of error rates (in percentage) obtained through human tests are applied.
- False Acceptance Rate (FAR): the rate at which the system accepts an impostor and generates the corresponding private key.
- False Rejection Rate (FRR): the rate at which the system rejects a legitimate user who tries to generate the corresponding private key.
Security analysis and performance evaluation
In this section, the security of the proposed scheme for protecting the private key is compared with that of the original scheme, and the proposed scheme’s performance is evaluated.
Discussions and conclusions
This paper enhanced the security of protecting a long-lived private key. The proposed method is based on specific keystroke feature biometrics and the non-linear handling ability of neural networks to dynamically generate the private key. After reviewing the related works, the four phases of our proposed scheme are illustrated. According to the experimental results, regardless of how weak the user-chosen passwords are, our scheme can produce promising results, in terms of FAR and FRR through
Acknowledgments
I would like to thank the Editor-in-Chief, Professor Witold Pedrycz, and the referees for many valuable comments and suggestions which have resulted in several improvements of the presentation of the paper. This research was partially supported by the National Science Council, Taiwan, ROC, under Contract Nos.: NSC100-2221-E-018-025, NSC100-2221-E-018-034 and NSC100-2622-E-018-004-CC3.
References (28)
- A convertible multi-authenticated encryption scheme for group communications. Information Sciences (2008).
- A communication-efficient three-party password authenticated key exchange protocol. Information Sciences (2011).
- Journal of Systems and Software (2012).
- Protecting secret keys with personal entry. Future Generation Computer Systems (2000).
- Keystroke dynamics-based authentication for mobile devices. Computers & Security (2009).
- Improvement of keystroke data quality through artificial rhythms and cues. Computers & Security (2008).
- Self-generated-certificate public key encryption without pairing and its application. Information Sciences (2011).
- Simple password-based three-party authenticated key exchange without server public keys. Information Sciences (2010).
- Provably secure three-party password-based authenticated key exchange protocol. Information Sciences (2012).
- User authentication through typing biometrics features. IEEE Transactions on Signal Processing (2005).
- A simple keystroke dynamics-based authentication system using means and standard deviations. Journal of Internet Technology.
- A personalized rhythm click-based authentication system. Information Management and Computer Security.
- Neural Network Design.