Research Article
A Hash-based Secure Interface on Plain Connection
@INPROCEEDINGS{10.1109/ChinaCom.2011.6158347, author={Zhenxing Liu and Harjinder Lallie and Lu Liu and Yongzhao Zhan and Kaigui Wu}, title={A Hash-based Secure Interface on Plain Connection}, proceedings={2nd International ICST Workshop on Advances in Data and Information Management: Recent Advances of Cloud Computing in Data and Information Management Conference on Communications and Networking in China}, publisher={IEEE}, proceedings_a={ADIM}, year={2012}, month={3}, keywords={hash functions network security web applications}, doi={10.1109/ChinaCom.2011.6158347} }- Zhenxing Liu
Harjinder Lallie
Lu Liu
Yongzhao Zhan
Kaigui Wu
Year: 2012
A Hash-based Secure Interface on Plain Connection
ADIM
IEEE
DOI: 10.1109/ChinaCom.2011.6158347
Abstract
This paper proposes a hash-based secure interface between two nodes on the Internet, especial between two interfaces or two web pages. Digital signatures and public-private keys are traditionally used to provide integrity and authentication. This paper proposes an alternative method which uses a shared private key and a public hash function for a message that is sent over a plain connection without losing integrity and authentication. An additional private algorithm is needed when the message has been hashed based on the message and the salt (the shared private key), and the hashed value will be re-computed with the private algorithm to produce a string named as checksum. At the other end, when a message is received with a checksum the same process is followed to produce a new checksum. If the produced checksum is equal to the received checksum, the message is legitimate. For efficiency and reliability, a timestamp and validity period is introduced to the scheme. The salt gets more salty with time included and so does the secure interface.