In this paper we proposed an authentication technique based on the user cards, to improve the authentication process in systems that allows remote access for the users, and raise the security rate during an exchange of their messages. in this technique the server performs two functions, the first function, register the users, and give him user ID, PIN code, and user private card contains secrecy information, which is used to encrypt user messages by using two kinds of encryption symmetric using RC4-Pr and asymmetric using RSA encryption., the second function, distribute the users public card if the user demand that, in which the user sends the own authentication code with their own user ID and recipient user ID to the authentication check, and then the server sends the user public card to the recipient user, thus the sender user can send the messages to recipient user without back to the server again. We attained confidentiality using RC4-Pr and RSA encryption and message authentication, user signature, and mutual secret key by using RSA encryption. in this paper we also implement the proposal in [1] RC4-pr algorithm which is modified to improve the key weakness of basic RC4.
تحميل البحث