Securing Client and Server Connections from Parameter Tampering Using Time-Based Hash Encryption


Authors : Chandra Yogatama; Oktoberty; Rita Hariningrum; Sri Pramono; Riyanto Wibowo; Tjokro Hadi.

Volume/Issue : Volume 7 - 2022, Issue 5 - May

Google Scholar : https://bit.ly/3IIfn9N

Scribd : https://bit.ly/3HI3iCE

DOI : https://doi.org/10.5281/zenodo.6662946

Abstract : This paper proposes a method to prevent parameter tampering on web services. Time based hash encryption is able to give unpredictable output which changes periodically ac-cording to input. The proposed method uses different parts of function output as authenti-cation key and parameter order. The presented method has several characteristics. Each encryption and decryption needs to be able to generate the same VST. Vst used must have a periodic record so that it is pos-sible to get Vs (t-1).Each used Vst works without trouble on both time variants (tests 1-3) and invariant (tests 3-5). From the Decrypt column, we can see that, as a side effect, each pass parameter is decrypted and cut off. To evaluate proposed work, we make software to encrypt and decrypt a request. We limit the test to having no delay.

Keywords : Securing Client, Server Connections, Tampering, Encryption.

This paper proposes a method to prevent parameter tampering on web services. Time based hash encryption is able to give unpredictable output which changes periodically ac-cording to input. The proposed method uses different parts of function output as authenti-cation key and parameter order. The presented method has several characteristics. Each encryption and decryption needs to be able to generate the same VST. Vst used must have a periodic record so that it is pos-sible to get Vs (t-1).Each used Vst works without trouble on both time variants (tests 1-3) and invariant (tests 3-5). From the Decrypt column, we can see that, as a side effect, each pass parameter is decrypted and cut off. To evaluate proposed work, we make software to encrypt and decrypt a request. We limit the test to having no delay.

Keywords : Securing Client, Server Connections, Tampering, Encryption.

Never miss an update from Papermashup

Get notified about the latest tutorials and downloads.

Subscribe by Email

Get alerts directly into your inbox after each post and stay updated.
Subscribe
OR

Subscribe by RSS

Add our RSS to your feedreader to get regular updates from us.
Subscribe