Registration and Authentication Cryptosystem Using the Pentor and UltraPentor Operators

1st Artan Luma

Faculty of Contemporary Sciences and

Technologies

South East European University

Tetovo, Macedonia

a.luma@seeu.edu.mk

2nd Besnik Selimi

Faculty of Contemporary Sciences and

Technologies

South East European University

Tetovo, Macedonia

b.selimi@seeu.edu.mk

3rd Blerton Abazi

Faculty of Computer Science and

Engineering

University for Business and

Technology - UBT

Prishtina, Kosovo

blerton.abazi@ubt-uni.net

Abstract— Any Internet banking system must solve the issues

of authentication, confidentiality, integrity, and non-repudiation,

which means it must ensure that only qualified people can access

an Internet banking account, that the information viewed remains

private and can’t be modified by third parties. However, this kind

of approach does not involve image encryption and their safe

storage for avoiding direct compromise of the data used for

authentication and identification. Other work involves the

definition of a strict authentication system by introducing a multi-

level authentication technique that generates a password in

multilevel instances for accessing and using cloud services inside

of which, an e-mail cloud service can reside as well. In our

research we will present a new approach on how the cryptosystems

will validate the registration and authentication process using the

mathematical pentor and ultrapentor operators. The paper will be

followed by a concrete example of implementation with a detailed

explanation through which we will defend our approach.

Keywords— authentication; identification; cryptosystems;

cryptography; pentor operator; ultrapentor operator; information

security; cyber attacks

I. INTRODUCTION

User authentication and identification in e-mail clients

have always represented a challenge on the Web. Email-based

user authentication and identification represent emerging

techniques that appear as an alternative to the standard Public-

Key-Infrastructure (PKI) and furthermore these approaches

allow securing users from faulty impersonations and identity

thefts [1]. However, the authentication and identification

process in the web has not changed over the last twenty years

and is mainly based on password identification and cookies

[2]. The report from Google on email account security

indicates that in 2011 and 2012 there was an increase in Google

account blocking as a result of account hijacking and identity

thefts [3]. The most widely used authentication strategy

represents the text-based password scheme where users enter

their login names and passwords. Despite their popularity,

textual passwords suffer from several drawbacks. Although

simple and straightforward textual passwords are easy to

remember and maintain, they are mostly vulnerable to attacks.

While complex and arbitrary passwords render the system

substantially more secure, resisting the brute force search and

dictionary attacks, they are difficult to guard and memorize

[4].

Another aspect that advances the textual authentication is

the graphical authentication which (compared to words) is

easier to remember. Accordingly, it is difficult to formulate

and orchestrate attacks for graphical authentication

considering that the password space of graphical

authentication extends more than that of textual passwords

and makes them harder to crack and brute force attack

resistant. Still, graphical authentication suffers from the so-

called shoulder-surfing which represents a hazard of intruder

scrutinizing passwords by recording user sessions or directly

supervising the users [5]. Some other related work regarding

multilevel authentication is elaborated in [6] where the authors

propose 3-level authentication based on textual, image based

and one-time password fashion.

It has been proven that e-banking is a high-risk area

with a potential for substantial economic loss. The high risk

makes security a prime concern. The results indicate that U.S.

victims of phishing attacks lost five times more money in 2006

than 2005. Although 80% of the victims in 2005 got their

money back, in 2006 only 54% victims were refunded by their

banks. In the U.K., online banking fraud increased by 55%

during the first six months of 2006. It is reported that online

attacks influenced nearly 30% of online banking users; more

than 75% of those users logged in less frequently, and about

14% stopped paying bills online [16].

It is broadly known that the Internet has become an

integral part of our lives, and the proportion of people who

expect to be able to manage their bank accounts from

everywhere is constantly growing. As such, the online system

of e-banking has become a crucial component of any financial

institution’s multichannel strategy. It has been proven that

information about financial institutions, their customers, and

their transactions is, by necessity, extremely sensitive and

doing such business via a public network introduces new

challenges for security and trustworthiness.

Based on the above-mentioned research, it can be seen that

the potential of becoming an internet victim is getting higher,

and in this paper we will describe current authentications and

we will propose a new solution for user authentication as well

as how these solutions can be extended in the face of more

complex future attacks.

II. RELATED WORK

Many encryption algorithms utilized today use proprietary

methods to generate keys and therefore are useful for various

applications. Here, we introduce details for some of these

encryption algorithms. The strength of these algorithms lies in

the length of the key that is generated and used.

The RSA algorithm [8, 9], for example, is based on the generation

of two large prime numbers and , multiplied in the form

. The algorithm also selects an encryption

International Conference on Engineering Technologies (ICENTE'18)

October 26-28,2018,Konya/TURKEY

_________________________________________________________________________________________________________________

E-ISBN: 978-605-68537-3-9


exponent e, as and the

pair is sent to the recipient. The recipient on the other

side will now generate the encrypted message in the form

. This encrypted message can then be decrypted

after the component is found, which is easy considering

that the sender has and from where it finds d as

follows . Decryption

process is performed as . The problem is

that the algorithm is based on the generation of large prime

numbers which is time consuming and computationally

intensive.

Another approach that belongs to Online authentication is the

TEA (Tiny Encryption Algorithm) [10–12]. This algorithm

generates random numbers that will be sent to users that

request authentication. From this random number together

with user’s secret key, a ciphertext message is generated.

After the server receives the encrypted message, it decrypts it

using the random number sent earlier. The disadvantage of

this approach is that the secret key is previously used for

securing the communication line established between the user

and the server rather than directly for authentication. Another

aspect of this approach is that it is not clear in which way the

secret key is sent or at least generated by the user.

In addition to the above mentioned, let us present two

operators given as mathematical models called Pentor and

Ultra Pentor [13]. These operators can easily be generated

from any number and can be used for encryption purposes.

The power of the proposed cryptosystem lies in the

irreversibility trait that these two operators have during the

authentication process. Once operators are generated, it is

extremely difficult to find numbers from which these

operators are derived. This irreversible feature is used to

create online authentication scheme which uses exactly three

steps of encryption algorithm. The power of the cryptosystem

justifies the proposed approach for its potential application in

online authentication systems. In the following section, their

definitions and properties will be analyzed.

III. CRYPTOGRAPHY WITH PENTOR AND ULTRA PENTOR

OPERATORS

In [14, 15] a mathematical definition for Pentor and Ultra

Pentor is introduced. A Pentor of a number is given as an

integer number with base and for every natural and integer

number there exists one Pentor for the given base . In

order to represent this operator mathematically, we start from

the modular equation for Pentor of an integer number with

base that fulfills the condition .

From the aforementioned conditions the following was

acquired [14]:

where represents the base of the integer number ,

is the Pentor of the integer number, whilst and represent

the order of the Pentor for the given integer number. The

modular expression was transformed to the equality

expression of the form:

where is an integer number that fulfills the condition for the

fraction to remain an integer number. For example, if we want

to find the Pentor of the first order then , the Pentor

of the second order then and so on [14].

Likewise, the UltraPentor of a number is given with base , and

for every natural and integer number there exists an

UltraPentor for the given base [14]. In order to represent

this operator mathematically, we start from modular equation

for UltraPentor of integer number with base that fulfills

the condition . Considering the above

mentioned conditions, the modular equation for UltraPentor

will look like:

where is an integer number. The modular expression [1],

was transformed to the equality expression by applying

logarithmic operations on both sides and finding the

UltraPentor as follows:

where and there is:

If then UltraPentor of an integer number

with base can be written as:

where is an integer number that fulfills the condition for

to be written as , where a is also an integer

number [15]. The power of the above-mentioned operators lies

in their properties of irreversibility of retrieving the from

the Pentor or UltraPentor itself which in our designed

cryptosystem is kept secret on the user’s side.
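
The two operators can be computed directly from their modular equations. The following Python code is an added example, not code from the paper: it assumes that the Pentor of order m is the integer P with B^m * P ≡ 1 (mod n), found through the equality form P = (1 + n*k) / B^m, and that the UltraPentor is the smallest exponent u with B^u ≡ 1 (mod n). The function names and the sample numbers are constructed for illustration.

```python
from math import gcd


def _validate(n: int, base: int) -> None:
    # Both operators are only defined when n and the base are coprime.
    if n < 2 or base < 2:
        raise ValueError("need n >= 2 and base >= 2")
    if gcd(n, base) != 1:
        raise ValueError("n and base must be coprime")


def pentor(n: int, base: int = 10, order: int = 1) -> tuple[int, int]:
    """Return (P, k) with P = (1 + n*k) / base**order (assumed definition)."""
    _validate(n, base)
    if order < 1:
        raise ValueError("order must be >= 1")
    bm = base ** order
    # Search for the smallest k that keeps the fraction an integer,
    # as the text describes; one always exists below base**order.
    for k in range(1, bm):
        if (1 + n * k) % bm == 0:
            return (1 + n * k) // bm, k
    raise AssertionError("unreachable when gcd(n, base) == 1")


def ultrapentor(n: int, base: int = 10) -> tuple[int, int]:
    """Return (u, l) with base**u = 1 + n*l and u the smallest such exponent."""
    _validate(n, base)
    value, u = base % n, 1
    while value != 1:          # terminates because base is invertible mod n
        value = (value * base) % n
        u += 1
    return u, (base ** u - 1) // n


def check(n: int, base: int = 10, order: int = 1) -> bool:
    """Verify both results against the modular equations they come from."""
    p, _ = pentor(n, base, order)
    u, l = ultrapentor(n, base)
    return (
        (base ** order * p) % n == 1        # Pentor congruence
        and p == pow(base ** order, -1, n)  # same value as the modular inverse
        and base ** u == 1 + n * l          # UltraPentor equality form
    )


if __name__ == "__main__":
    # Constructed sample numbers, not the values of the case study.
    for n, order in [(7, 1), (7, 2), (13, 1), (37, 1)]:
        print(n, order, pentor(n, 10, order), ultrapentor(n), check(n, 10, order))
```
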

IV. CRYPTOSYSTEM ALGORITHM FOR REGISTRATION

(CERTIFICATION) AND AUTHENTICATION

At the beginning we will give some basic concepts for

designing a new cryptosystem for registration (certification)

and authentication. This cryptosystem will be based on

mathematical operators known as Pentor and UltraPentor. As

far as these two operators are concerned, we have clarified all

the concepts for them in the previous section.

Now, based on a scheme, we will try to clarify the

registration process (certification) of this new cryptosystem,

as shown in the following figure:

Fig. 1 Registration (certification)


From Fig. 1, it is clear that the client will be able to register

(certify) by making a request to the ID Server, where along with

the request the client must also enter the that for short

we will mark with . Then the ID Server will receive a

random number from the list provided, which will also be the

secret key of the client and which we will mark with . At the

same time, we define the order of the Pentor and UltraPentor,

which we will mark . After we have defined , we

can begin the calculations of the Pentor and UltraPentor

operators. Once these are calculated by the ID Server on the server

base they will be saved as , and , where and

are the secret key of the client. The ID Server will calculate

the function and will add the , and the

couple of (certificate) will be sent to the client.

Now these data can be transferred/sent to the client in

various forms such as: certificate on USB, CD/DVD, etc. In

this form the third party is not able to get information about the

client. So, the registration process (certification) ends here.

Now we will explain the authentication process based on

the following schema:

Fig. 2 Authentication

The client calculates the function

and will add the , where during the calculation it takes a

random number. Then, the client sends the couple of numbers

, to the ID Server, where the ID Server will need to

authenticate the client. Then a Pentor attack

with the Pentor operator is applied to the function and, according to

the Pentor attack algorithm, at the end of the process a value is

obtained, which we will store in the variable. Now this value

must be compared with , and if it is then the ID Server has

authenticated the client and gives access to the system;

otherwise, if , the client will be rejected.

V. CASE STUDY

Now we will show how the client's registration in the new

cryptosystem will be realized. The client will be able to

register (certify) by making a request to the ID Server, where

along with the request the client will also add the

that for short we will mark as . This value will

need to be converted based on ASCII code from text to

number and we will have

, so . Then the ID

Server will receive a random number from the list provided,

which will also be the secret key of the client and which we will

mark with , where . We also define the order of the

Pentor and UltraPentor, which we will mark with , so

. After we have defined , we can begin with the

calculations of the Pentor and UltraPentor.

Calculation of Pentor is done based on the formula:

Where , and .

Now, we'll calculate the client's Pentor:

So, the pentor of the client will be

4.

And UltraPentor calculations are made based on the formula:

Where and 10.

Now, we'll calculate the UltraPentor of the client:

So the client UltraPentor will be

.

Once the Pentor and UltraPentor have been calculated they will

be saved by the ID Server on base as , and , where

and are the client's secret key. The ID Server will

calculate a function and will add the , and

the couple of (certificate), and will send all together

to the client.

The function will be calculated as

follows:

Now, when the UltraPentor has the value of

, then

the function value we obtained is divided by six digits

from left to right as follows:

Now we sum up these values as follows:

As the result of the function still has more than six

figures, we continue cutting it, as follows:

Now we sum up these values as follows:

Now from this value, by shifting the figures, we will get

some combinations, as follows:

where zero is replaced by and we get

Now from all these combinations we choose one, or a

random one, as the client function .


The client certificate will consist of these parameters, as

follows:

Now these data can be sent to the client in various forms

such as: certificate on USB, CD/DVD, Cloud etc. In this form

the third party is not able to get information about the client. So,

the registration process (certification) ends.

Now we will explain the authentication process. The client

calculates the function and will add

the , where a random number is taken in the calculation.

The function will be calculated as

follows:

Now that the UltraPentor has the value

, the value

obtained in the function is divided by six digits from left to right

as follows:

Since the first digit of the value is zero,

zero is replaced by and we get the value of

Now we sum up these values as follows:

As the result of the function still has more than

six figures, we continue cutting it, as follows:

Now we sum up these values as follows:

Now from this value, by shifting the figures, we will get

some combinations, as follows:

Now from all these combinations we choose whichever one we

want, or a random one, as the client function .

Then, the client sends the the

, to the ID Server, where the

ID Server will need to authenticate the client. The function

will undergo a Pentor Attack with the Pentor operator

and, according to the Pentor Attack algorithm, in the end a

value is obtained and stored in the variable .

The Pentor Attack will happen as follows:

So, the variable is .

Now, this value must be fully identical with , and

if it is then the ID Server has authenticated the client and the

client will gain access to the system; otherwise the system will

reject the request.

In our concrete case we will have the following result:

which means that the ID Server has authenticated the client

and gives access to the relevant client system.

VI. CONCLUSIONS

In this paper we have presented a completely new

cryptographic algorithm as well as a cryptosystem that uses this

algorithm for online user authentication. From the numeric

examples it has been shown that the cryptosystem fully works

and can be implemented in many applications where highly

secured user transactions are required.

Another important aspect is that the authentication does not

need an encryption key for the process itself, but it can be used

additionally for line security (encryption) considering that the

user might use a regular unsecured Internet line.

The future work would involve creating an online user

authentication page that would use our proposed algorithm in

real life applications. Some work has already started and

results will follow soon.

REFERENCES

[1] S.L. Garfinkel, E-mail based authentication and

identification: an alternative to PKI. IEEE Comput. Soc. 1(6),

20–26 (2003).

[2] M. Dietz, A. Czeskis, D.S. Wallach, D. Balfanz, Origin-

bound certificates: a fresh approach to strong client

authentication for the web, in Proceedings of the 21st Usenix

Security Symposium, 2012.

[3] M. Hern, An update on our war against account hijackers.

The Google Blog (2013). Available via GOOGLE Online

Security.

http://googleonlinesecurity.blogspot.com/2013/02/an-update-on-our-war-against-account.html of subordinate

document. Cited 15 June 2013.

[4] S. Balaji, Authentication techniques for engendering

session passwords with colors and text. Adv. Inf. Technol.

Manage. 1(2), 71–78 (2012).

[5] H. Zhao, X. Li, S3PAS: a scalable shoulder-surfing

resistant textual-graphical password authentication scheme,

in 21st International Conference on Advanced Information

Networking and Applications Workshops (AINAW 07)

(2007), pp. 467–472.

[6] S. Anand, P. Jain, Nitin, R. Rastogi, Security analysis and

implementation of 3-level security system using image based

authentication, in Computer Modelling and Simulation

(UKSim) (2012), pp. 547–552.

[7] H.A. Dinesha, V.K. Agrawal, Multi-level authentication

technique for accessing cloud services, in International

Conference on Computing, Communication and Applications

(ICCCA) (2012), pp. 1–4.

[8] R. Rivest, A. Shamir, L. Adleman, A method for obtaining

digital signatures and public-key cryptosystems. Commun.

ACM 21(2), 120–126 (1978).

[9] D. Boneh, Twenty years of attacks on the RSA

cryptosystem. Not. Am. Math. Soc. 46(2), 203–213 (1999).

[10] D.J. Wheeler, R.M. Needham, TEA, a tiny encryption

algorithm. Lecture Notes in Computer Science (LNCS)

(Leuven, Belgium: Fast Software Encryption: Second

International Workshop), vol. 1008 (1994), pp. 363–366.

[11] J. Kelsey, B. Schneier, D. Wagner, Related-key

cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X

NewDES, RC2, and TEA. Lecture Notes in Computer

Science (LNCS) vol. 1334 (1997), pp. 233–246.

[12] A. Bogdanov, M. Wang, Zero-correlation linear

cryptanalysis with reduced data complexity. Lecture Notes in

Computer Science (LNCS) (Fast Software Encryption 2012),

vol. 7549 (2012), pp. 29–48.

[13] A. Luma, B. Ismaili, B. Raufi, Multilevel user

authentication and identification scheme for email clients. in

Proceedings of the world congress on engineering, WCE

2013, 3–5 July 2013. Lecture notes in engineering and

computer science, London, UK (2013), pp. 1221–1225.

[14] A. Luma, B. Raufi, New data encryption algorithm and

its implementation for online user authentication, in

International Conference on Security and Management,

(CSREA Press, USA, 2009), pp. 81–85.

[15] A. Luma, B. Raufi, Xh Zenuni, Asymmetric encryption

decryption with Pentor and ultra Pentor operators. Online J.

Sci. Technol. (TOJSAT) 2(2), 9–12 (2012).

[16] M. Hertzum, J. N. Christian, N. Jørgensen and M.

Nørgaard, Usable Security and E-Banking: ease of use vis-a-

vis security J. Australasian Journal of Information Systems.

11, 2, 2004.
