A Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network
P. Venkateswari and T. Purusothaman
DOI : 10.3844/jcssp.2011.1152.1156
Journal of Computer Science
Volume 7, Issue 8
Problem statement: This study describes about a robust and secured authentication procedure that can be adapted in a private forum within a Social Network Site (SNS) to update its user’s profile. Approach: The robustness is achieved through combining proven security measures combined with usability aspects. The study demonstrates acceptance of such robustness particularly in a SNS to update user’s profile. The study discuss on three related components that were considered for the proposed security measures, namely shared keys based on passwords security methods, personalized questions and one time passwords. The study elaborated shared key for authentication. The keys were calculated based on communication entities at the user’s site. Shared key methods have proved to be effective in withstanding general attacks. Most of information security and network security protocols provide security and preserve secrecy based on cryptography techniques. Results: While the keys could be generated through conventional password based key generation algorithm, the security can also be enhanced by using personalized questions in addition to the password. The study proposed certain ideal security key that would be generated through socially surveyed personalized questions and password. This key would then become a onetime password for the users for a particular login session. While the keys when generated through highly secured manner and used for mutual authentication, social studies have pointed out to usability weakness. Conclusion: This study validated social acceptance in introducing personalized questions that would generate keys for authentication. The study elaborates both authentication technique as well as the social responses on personalized password questions. The personalized password questions have been designed from commonly used security questions like ones that asked to those who have lost their passwords. These questions need to be looked from social angle rather than technical angle. A social survey was conducted restricted to southern India. Based on the responses the questions have been designed and administered in a social network site to generate the keys for authentication purposes. This study elaborates the validity of robustness achieved through this proposed method. The proposed method although proved to be suitable to Southern Indian users of Social Network Site, it can be used for other regions but with personalized questions of that social culture.
© 2011 P. Venkateswari and T. Purusothaman. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.