Abstract:
Kerberos, a renowned token based authentication protocol, which is famous since
mid-80 for its cryptographic process, assurance of privacy, and data security for
identifying appropriate users. Due to its versatile characteristics, users of the system
often need to remember complex passwords as the good practice of the method
requires update of the same within a defined time-frame which becomes bit di cult for
users to cope up with. At the same time, it also not provides adequate channel security
to transmit the user credential between the pathway of the client and server.
Therefore, researchers are trying to find out a simple solution where user does not
necessitate memorizing the passwords where it could guarantee better user validation.
In this paper, an enhancement of Kerberos authentication model has been proposed
where biometric template and Steganography are incorporated to solve the existing
weaknesses. Instead of taking username and password, the new solution will take a
pair of random fingerprints from the user and convert it into a hash. It will then embed
the hash in the randomized image and send it to the server for authentication. A
security analysis of the proposed protocol is proven using BAN logic in this article
where it ensures reliability, practicability and security of the enhanced Kerberos
protocol.