PHISHING PREVENTION USING SERVER AUTHENTICATION

In the modern computer era attacks on systems are increasing. Phishing is one of the serious offenses being committed. In Phishing hacker or group of hackers tries to acquire confidential information such as passwords or bank details etc in an attempt to steal users identity for financial gain or something much worse. In this paper, we are proposing an approach named “Phishing Prevention using server authentication” using which user can check the authenticity of the server with which he is willing to communicate. Here we are using visual cryptography along with general password authentication. In this scheme authentication via images is done. Here the keys being used could be single use keys or one for the time user wants to keep(depending on the will of the implementing party ). Under this scheme, the user chooses an image of his will. Then he performs cryptography operation over chosen image and converts it into shares (two at least). User uploads one share onto the trusted server and keeps the other one to himself. The user needs to be attentive while uploading the encrypted share and must upload it only to a trusted server. Whenever the user wants to authenticate the server he asks for the stored share. The server sends the share back to the user after authenticating the user. The user receives the share and performs decryption to obtain the original image. If the image received after decryption is same as original, it implies the server is authentic and the user can proceed with the rest of the transaction.