#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    1
    Rep Power
    0

    [HELP] Build crypto login system in C++


    Hi guys,

    I need help with this system. I want to build a dynamic ID-based remote user authentication scheme using smartcard in C++ for my project but I just cant get it. Here is the system and its using one way hash function.

    Registration phase
    The user Ui sends the registration request to the remote server S:

    1. Ui submits IDi to S.

    2. S computes Ni = h(pwi) ⊕ h(x) ⊕ IDi, where x is secrete of the remote server, pwi is the password of Ui chosen by S.

    3. S personalizes the smartcard with the parameters [h(.), Ni, y], where y is the remote serverís secrete number stored in each registered userís smartcard.

    4. S => Ui: pwi and smartcard. (=> is a secure channel)

    Hope you can help me with this as I am realy clueless.I got this from IEEE article by Das et. al. (2004)
  2. #2
  3. Contributed User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jun 2005
    Posts
    4,413
    Rep Power
    1871
    Are we talking about a college assignment, where your server.cpp takes the input, and outputs say "smartcard.txt" with the computed values; which is then read by client.cpp as part of the (unspecified) authentication which ultimately prints "pass" or "fail".

    Or is this a real smart card, complete with attendant smart card programmers and readers, protecting things of real value for actual customers?

    > Hope you can help me with this as I am realy clueless.
    If it's door number 2, then go and tell your boss to find someone else to do the work.

    And WTF does "really clueless" mean?
    - My C++ book from amazon just arrived this morning
    - What does h and ⊕ mean?
    - I know what h and ⊕ mean, but not how to use them on cryptographically large numbers
    - etc etc

    I suppose the first question is, do you at least understand the THEORY of what is going on? If you don't, then it's a waste of time trying to pick through implementation details.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper

IMN logo majestic logo threadwatch logo seochat tools logo