Registration and Authentication Cryptosystem
Using the Pentor and UltraPentor Operators
1st Artan Luma
Faculty of Contemporary Sciences and
Technologies
South East European University
Tetovo, Macedonia
a.luma@seeu.edu.mk
2nd Besnik Selimi
Faculty of Contemporary Sciences and
Technologies
South East European University
Tetovo, Macedonia
b.selimi@seeu.edu.mk
3rd Blerton Abazi
Faculty of Computer Science and
Engineering
University for Business and
Technology - UBT
Prishtina, Kosovo
blerton.abazi@ubt-uni.net
Abstract— Any Internet banking system must solve the issues
of authentication, confidentiality, integrity, and non-repudiation,
which means it must ensure that only qualified people can access
an Internet banking account and that the information viewed remains
private and cannot be modified by third parties. However, this kind
of approach does not involve image encryption and their safe
storage for avoiding direct compromise of the data used for
authentication and identification. Other work involves the
definition of a strict authentication system by introducing a multi-
level authentication technique that generates a password in
multilevel instances for accessing and using cloud services inside
of which, an e-mail cloud service can reside as well. In our
research we will present a new approach on how the cryptosystems
will validate the registration and authentication process using the
mathematical pentor and ultrapentor operators. The paper will be
followed by a concrete example of implementation with a detailed
explanation through which we will defend our approach.
Keywords— authentication; identification; cryptosystems;
cryptography; pentor operator; ultrapentor operator; information
security; cyber attacks
I. INTRODUCTION
User authentication and identification in e-mail clients
have always represented a challenge on the Web. Email-based
user authentication and identification are emerging
techniques that appear as an alternative to the standard
Public-Key-Infrastructure (PKI), and furthermore these approaches
help protect users from impersonation and identity
theft [1]. However, the authentication and identification
process on the web has not changed over the last twenty years
and is mainly based on password identification and cookies
[2]. The report from Google on email account security
indicates that in 2011 and 2012 there was an increase in Google
account blocking as a result of account hijacking and identity
theft [3]. The most widely used authentication strategy
is the text-based password scheme, where users enter
their login names and passwords. Despite their popularity,
textual passwords suffer from several drawbacks. Although
simple and straightforward textual passwords are easy to
remember and maintain, they are mostly vulnerable to attacks.
While complex and arbitrary passwords render the system
substantially more secure, resisting brute-force search and
dictionary attacks, they are difficult to guard and memorize
[4].
Another aspect that advances textual authentication is
graphical authentication, which (compared to words) is
easier to remember. Accordingly, it is difficult to formulate
and orchestrate attacks on graphical authentication,
considering that the password space of graphical
authentication is larger than that of textual passwords,
which makes graphical passwords harder to crack and resistant
to brute-force attacks. Still, graphical authentication suffers from
so-called shoulder-surfing, the hazard of an intruder
observing passwords by recording user sessions or directly
watching the users [5]. Other related work on
multilevel authentication is elaborated in [6], where the authors
propose 3-level authentication based on textual, image-based
and one-time passwords.
It has been proven that e-banking is a high-risk area
with a potential for substantial economic loss. The high risk
makes security a prime concern. The results indicate that U.S.
victims of phishing attacks lost five times more money in 2006
than in 2005. Although 80% of the victims in 2005 got their
money back, in 2006 only 54% of victims were refunded by their
banks. In the U.K., online banking fraud increased by 55%
during the first six months of 2006. It is reported that online
attacks influenced nearly 30% of online banking users; more
than 75% of those users logged in less frequently, and about
14% stopped paying bills online [16].
It is broadly known that the Internet has become an
integral part of our lives, and the proportion of people who
expect to be able to manage their bank accounts from
everywhere is constantly growing. As such, the online system
of e-banking has become a crucial component of any financial
institution’s multichannel strategy. It has been proven that
information about financial institutions, their customers, and
their transactions is, by necessity, extremely sensitive and
doing such business via a public network introduces new
challenges for security and trustworthiness.
Based on the above-mentioned research, it can be seen that
the potential of becoming an internet victim is getting higher.
In this paper we will describe current authentication approaches and
we will propose a new solution for user authentication, as well
as how these solutions can be extended in the face of more
complex future attacks.
II. RELATED WORK
Many encryption algorithms utilized today use proprietary
methods to generate keys and therefore are useful for various
applications. Here, we introduce details for some of these
encryption algorithms. The strength of these algorithms lies in
the length of the key that is generated and used.
The RSA algorithm [8, 9], for example, is based on the generation
of two large prime numbers and , multiplied in the form
. The algorithm also selects an encryption
International Conference on Engineering Technologies (ICENTE'18)
October 26-28,2018,Konya/TURKEY
_________________________________________________________________________________________________________________
E-ISBN: 978-605-68537-3-9
exponent e, as and the
pair is sent to the recipient. The recipient on the other
side will now generate the encrypted message in the form
. This encrypted message can then be decrypted
after the component is found, which is easy considering
that the sender has and from which it finds d as
follows . The decryption
process is performed as . The problem is
that the algorithm is based on the generation of large prime
numbers, which is time consuming and computationally
intensive.
Another approach that belongs to online authentication is
TEA (Tiny Encryption Algorithm) [10–12]. This algorithm
generates random numbers that will be sent to users that
request authentication. From this random number together
with user’s secret key, a ciphertext message is generated.
After the server receives the encrypted message, it decrypts it
using the random number sent earlier. The disadvantage of
this approach is that the secret key is previously used for
securing the communication line established between the user
and the server rather than directly for authentication. Another
aspect of this approach is that it is not clear in which way the
secret key is sent or at least generated by the user.
In addition to the above mentioned, let us present two
operators given as mathematical models called Pentor and
Ultra Pentor [13]. These operators can easily be generated
from any number and can be used for encryption purposes.
The power of the proposed cryptosystem lies in the
irreversibility trait that these two operators have during the
authentication process. Once the operators are generated, it is
extremely difficult to find the numbers from which these
operators are derived. This irreversible feature is used to
create an online authentication scheme which uses exactly three
steps of the encryption algorithm. The power of the cryptosystem
justifies the proposed approach for its potential application in
online authentication systems. In the following section, their
definitions and properties will be analyzed.
III. CRYPTOGRAPHY WITH PENTOR AND ULTRA PENTOR
OPERATORS
In [14, 15] a mathematical definition for Pentor and Ultra
Pentor is introduced. A Pentor of a number is given as an
integer number with base and for every natural and integer
number there exists one Pentor for the given base . In
order to represent this operator mathematically, we start from
the modular equation for Pentor of an integer number with
base that fulfills the condition .
From the aforementioned conditions the following was
acquired [14]:
where represents the base of the integer number ,
is the Pentor of the integer number, whilst and represent
the order of the Pentor for the given integer number. The
modular expression was transformed to the equality
expression of the form:
where is an integer number that fulfills the condition for the
fraction to remain an integer number. For example, if we want
to find the Pentor of the first order then , for the Pentor
of the second order then and so on [14].
Likewise, the UltraPentor of a number with base in
which for every natural and integer number there exists an
UltraPentor for the given base [14]. In order to represent
this operator mathematically, we start from modular equation
for UltraPentor of integer number with base that fulfills
the condition . Considering the above
mentioned conditions, the modular equation for UltraPentor
will look like:
where is an integer number. The modular expression [1],
was transformed to the equality expression by applying
logarithmic operations on both sides and finding the
UltraPentor as follows:
where and there is:
If then UltraPentor of an integer number
with base can be written as:
where is an integer number that fulfills the condition for
to be written as , where a is also an integer
number [15]. The power of the above-mentioned operators lies
in their property of irreversibility with respect to retrieving the from
the Pentor or UltraPentor itself, which in our designed
cryptosystem is kept secret on the user’s side.
IV. CRYPTOSYSTEM ALGORITHM FOR REGISTRATION
(CERTIFICATION) AND AUTHENTICATION
At the beginning we will give some basic concepts for
designing a new cryptosystem for registration (certification)
and authentication. This cryptosystem will be based on the
mathematical operators known as Pentor and UltraPentor. We
clarified all the concepts for these two operators in the
previous section.
Now, based on a scheme, we will clarify the
registration process (certification) of this new cryptosystem,
as shown in the following figure:
Fig. 1 Registration (certification)
From Fig. 1, it is clear that the client will be able to register
(certify) by making a request to the ID Server, where along with
the request it must also enter the , which for short
we will mark with . Then the ID Server will receive a
random number from the list provided, which will also be the
secret key of the client and which we will mark with . At the
same time, we define the order of the Pentor and UltraPentor,
which we will mark with . After we have defined , we
can begin the calculations of the Pentor and UltraPentor
operators. Once these are calculated by the ID Server, they will
be saved on the server base as , and , where and
are the secret key of the client. The ID Server will calculate
the function and will add the , and the
couple of (certificate) will be sent to the client.
These data can now be transferred/sent to the client in
various forms such as: certificate on USB, CD/DVD, etc. In
this form a third party is not able to get information about the
client. So, the registration process (certification) ends here.
Now we will explain the authentication process based on
the following schema:
Fig. 2 Authentication
The client calculates the function
and will add the , where during the calculation it takes a
random number. Then, the client sends the couple of numbers
, to the ID Server, where the ID Server will need to
authenticate the client. Then a Pentor Attack with the Pentor
operator will be applied to the function and, according to
the Pentor Attack algorithm, at the end of the process a value is
gained which we will store in the variable. Now this value
must match , and if it is then the ID Server has
authenticated the client and gives access to the system,
otherwise if it will be rejected.
V. CASE STUDY
Now we will show how the client's registration in the new
cryptosystem will be realized. The client will be able to
register (certify) by making a request to the ID Server, where
along with the request it will also add the
, which for short we will mark as . This value will
need to be converted from text to number based on ASCII code
and we will have
, so . Then the ID
Server will receive a random number from the list provided,
which will also be the secret key of the client and which we will
mark with , where . We also define the order of the
Pentor and UltraPentor, which we will mark with , so
. After we have defined , we can begin with the
calculations of the Pentor and UltraPentor.
The calculation of the Pentor is done based on the formula:
where , and .
Now, we will compute the client's Pentor:
So, the Pentor of the client will be
4.
The UltraPentor calculation is made based on the formula:
where and 10.
Now, we will compute the UltraPentor of the client:
So the client UltraPentor will be
.
Once the Pentor and UltraPentor have been calculated they will
be saved by the ID Server on base as , and , where
and are the client's secret key. The ID Server will
calculate a function and will add the , and
the couple of (certificate) will be sent all together
to the client.
The function will be calculated as
follows:
Now, when the UltraPentor has the value of
, then
the function value we gained will be split into groups of six digits
from left to right as follows:
Now we sum up these values as follows:
As the result of the function still has more than six
digits, we continue cutting it, as follows:
Now we sum up these values as follows:
Now from this value, by shifting the digits, we will get
some combinations, as follows:
where zero is replaced by and we get
Now from all these combinations we choose one, possibly at
random, as the client function .
The client certificate will be formed from these parameters as
follows:
These data can now be sent to the client in various forms
such as: certificate on USB, CD/DVD, Cloud etc. In this form
a third party is not able to get information about the client. So,
the registration process (certification) ends.
Now we will explain the authentication process. The client
calculates the function and will add
the , where in the calculation it takes a random number.
The function will be calculated as
follows:
Now that the UltraPentor has the value
, the value
gained in the function is split into groups of six digits from left to right
as follows:
Since the first digit of the value is zero,
the zero is replaced by and we get the value of
Now we sum up these values as follows:
As the result of the function still has more than
six digits, we continue cutting it, as follows:
Now we sum up these values as follows:
Now from this value, by shifting the digits, we will get
some combinations, as follows:
Now from all these combinations we choose one that we
want, or a random one, as the client function .
Then, the client sends the
, to the ID Server, where the
ID Server will need to authenticate the client. The function
will undergo a Pentor Attack with the Pentor operator
and, according to the Pentor Attack algorithm, at the end a
value is gained and stored in the variable .
The Pentor Attack will happen as follows:
So, the variable is .
Now, this value must fully match , and
if it is then the ID Server has authenticated the client and the
client will gain access to the system, otherwise the system will
reject the request.
In our concrete case we will have the following result:
which means that the ID Server has authenticated the client
and gives access to the relevant client system.
VI. CONCLUSIONS
In this paper we have presented a completely new
cryptographic algorithm as well as a cryptosystem that uses this
algorithm for online user authentication. From the numeric
examples it has been shown that the cryptosystem fully works
and can be implemented in many applications where highly
secured user transactions are required.
Another important aspect is that the authentication does not
need an encryption key for the process itself, but one can be used
additionally for line security (encryption), considering that
the user might use a regular unsecured internet line.
Future work would involve creating an online user
authentication page that would use our proposed algorithm in
real-life applications. Some work has already started and
results will follow soon.
REFERENCES
[1] S.L. Garfinkel, E-mail based authentication and
identification: an alternative to PKI. IEEE Comput. Soc. 1(6),
20–26 (2003).
[2] M. Dietz, A. Czeskis, D.S. Wallach, D. Balfanz, Origin-
bound certificates: a fresh approach to strong client
authentication for the web, in Proceedings of the 21st Usenix
Security Symposium, 2012.
[3] M. Hern, An update on our war against account hijackers.
The Google Blog (2013). Available via GOOGLE Online
Security.
http://googleonlinesecurity.blogspot.com/2013/02/an-update-on-our-war-against-account.html.
Cited 15 June 2013.
[4] S. Balaji, Authentication techniques for engendering
session passwords with colors and text. Adv. Inf. Technol.
Manage. 1(2), 71–78 (2012).
[5] H. Zhao, X. Li, S3PAS: a scalable shoulder-surfing
resistant textual-graphical password authentication scheme,
in 21st International Conference on Advanced Information
Networking and Applications Workshops (AINAW 07)
(2007), pp. 467–472.
[6] S. Anand, P. Jain, Nitin, R. Rastogi, Security analysis and
implementation of 3-level security system using image based
authentication, in Computer Modelling and Simulation
(UKSim) (2012), pp. 547–552.
[7] H.A. Dinesha, V.K. Agrawal, Multi-level authentication
technique for accessing cloud services, in International
Conference on Computing, Communication and Applications
(ICCCA) (2012), pp. 1–4.
[8] R. Rivest, A. Shamir, L. Adleman, A method for obtaining
digital signatures and public-key cryptosystems. Commun.
ACM 21(2), 120–126 (1978).
[9] D. Boneh, Twenty years of attacks on the RSA
cryptosystem. Not. Am. Math. Soc. 46(2), 203–213 (1999).
[10] D.J. Wheeler, R.M. Needham, TEA, a tiny encryption
algorithm. Lecture Notes in Computer Science (LNCS)
(Leuven, Belgium: Fast Software Encryption: Second
International Workshop), vol. 1008 (1994), pp. 363–366.
[11] J. Kelsey, B. Schneier, D. Wagner, Related-key
cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X
NewDES, RC2, and TEA. Lecture Notes in Computer
Science (LNCS) vol. 1334 (1997), pp. 233–246.
[12] A. Bogdanov, M. Wang, Zero-correlation linear
cryptanalysis with reduced data complexity. Lecture Notes in
Computer Science (LNCS) (Fast Software Encryption 2012),
vol. 7549 (2012), pp. 29–48.
[13] A. Luma, B. Ismaili, B. Raufi, Multilevel user
authentication and identification scheme for email clients. in
Proceedings of the world congress on engineering, WCE
2013, 3–5 July 2013. Lecture notes in engineering and
computer science, London, UK (2013), pp. 1221–1225.
[14] A. Luma, B. Raufi, New data encryption algorithm and
its implementation for online user authentication, in
International Conference on Security and Management,
(CSREA Press, USA, 2009), pp. 81–85.
[15] A. Luma, B. Raufi, Xh Zenuni, Asymmetric encryption
decryption with Pentor and ultra Pentor operators. Online J.
Sci. Technol. (TOJSAT) 2(2), 9–12 (2012).
[16] M. Hertzum, J. N. Christian, N. Jørgensen and M.
Nørgaard, Usable Security and E-Banking: ease of use vis-a-
vis security J. Australasian Journal of Information Systems.
11, 2, 2004.