Hybrid Security Framework for Activity Based Authentication using RSA & Genetic Algorithm

In the current information age, security has achieved a tremendous importance in e-commerce applications involving financial transactions. Non-repudiation, data integrity, data confidentiality and authenticity, have become an integral part of information security. There is a tremendous risk involved in the communication of a plain text over Internet. Cryptography offers a solution for this type of risk which is referred to as a technique of encrypting and decrypting messages in such a way that they cannot be interpreted by anybody with the exception of a sender and an intended recipient. In majority of the e-commerce based applications where security is considered to be of prime importance, a single encryption algorithm is adopted for encrypting a password and the authentication information is stored on a single database server which becomes open to risks against different computer hacks. A novel solution for this problem is to generate an individual’s personal and dynamic activities which will be hard for the attackers to guess. Further, this can be combined with distributed technology where the authentication information is distributed over geographically separated multiple servers. In this paper authors have generated an activity based distributed 3D password incorporating various activities where the authentication information is distributed over geographically separated multiple authentication servers. The key pair is generated using RSA algorithm which is encrypted using single-point cross over and mutation of bits at the extreme position. This further adds another level of security and renders the key unbreakable by an unintended user. The configuration information pertaining to the distributed environment is stored in XML file which is parsed using Microsoft's XML Parser and the activity related information is stored in different servers which is encrypted using RSA algorithm. The technique employed combines RSA algorithm with Genetic Algorithm to offer a robust hybrid security framework in a distributed environment which is difficult to guess for an unintended user.