Title

Robust And Fast Authentication Of Session Cookies In Collaborative And Social Media Using Position-Indexed Hashing

Keywords

HTTPS; One-way hash chains; Session cookies

Abstract

The use of insecure cookies as a means to authenticate web transactions in collaborative and social media websites presents a hazard to users' privacy. In this paper, we propose and evaluate a novel protocol for protecting transmitted cookies using two dimensional one-way hash chains. In the first dimension, there is a hash chain that computes secret values used in the second dimension hash function. Multiple hash chains use the secret values created by the first dimension to authenticate session cookies in the second dimension. For improved security, the hashing operations in the second dimension use a concatenation of the secret values and the position index of the hash function within the hash chain. The performance of the scheme is evaluated using a detailed simulation testbed and an analytical model. The optimal lengths of the chains are derived when the number of transactions in the session is known. The protocol is extended to efficiently handle the case when the number of transactions is not known. The evaluation of the proposed scheme reveals that it achieves tremendous improvement over straightforwardly configured one-way hash chain schemes. Also, by adopting the position-indexed hashing protocol, energy consumption is reduced significantly especially with longer sessions making our protocol ideal for battery operated devices. © 2013 ICST.

Publication Date

12-1-2013

Publication Title

Proceedings of the 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, COLLABORATECOM 2013

Number of Pages

241-249

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.4108/icst.collaboratecom.2013.254126

Socpus ID

84893542677 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84893542677

This document is currently not available here.

Share

COinS