Journal of Applied Mathematics
Volume 2012 (2012), Article ID 340861, 16 pages
http://dx.doi.org/10.1155/2012/340861
Research Article

Password Authentication Based on Fractal Coding Scheme

1The Branch of Applied Mathematics Applied Sciences Department, University of Technology, Baghdad, Iraq
2Institute for Mathematical Research (INSPEM), University Putra Malaysia, Darul Ehsan, 43400 Serdang, Malaysia
3Institute of Mathematical Sciences, University of Malaya, 50603 Kula Lampur, Malaysia

Received 15 April 2012; Revised 10 September 2012; Accepted 11 October 2012

Academic Editor: Marcelo A. Savi

Copyright © 2012 Nadia M. G. Al-Saidi et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Password authentication is a mechanism used to authenticate user identity over insecure communication channel. In this paper, a new method to improve the security of password authentication is proposed. It is based on the compression capability of the fractal image coding to provide an authorized user a secure access to registration and login process. In the proposed scheme, a hashed password string is generated and encrypted to be captured together with the user identity using text to image mechanisms. The advantage of fractal image coding is to be used to securely send the compressed image data through a nonsecured communication channel to the server. The verification of client information with the database system is achieved in the server to authenticate the legal user. The encrypted hashed password in the decoded fractal image is recognized using optical character recognition. The authentication process is performed after a successful verification of the client identity by comparing the decrypted hashed password with those which was stored in the database system. The system is analyzed and discussed from the attacker’s viewpoint. A security comparison is performed to show that the proposed scheme provides an essential security requirement, while their efficiency makes it easier to be applied alone or in hybrid with other security methods. Computer simulation and statistical analysis are presented.