ParseKey+: A five-way strong authentication procedure as an approach to client/server impersonation avoidance using steganography for key encryption

Abstract

This paper presents the ParseKey-, an approach to a new highly-secure and safe authentication service. The scheme includes authentication process for both client and server sides in addition to passwords of each side. ParseKey+ employs transposition to hide the encrypted key in a key file retrievable only by the other side knowing the indices and lengths of sub-keys inside ParseKey+ encrypted file. ParseKey+ avoids client and server impersonations in addition to mutual client/server authentication. There-fore, the ParseKey+ scheme avoids counter-reply attack. The key file is changed at each signing on procedure. The key file is an additional security beyond the login password which avoids client and server impersonation.