Decentralized Authentication for Enhanced Security: Leveraging Blockchain Technology to Prevent Credential Theft

Authors

  • Sulemana Awal Department of Computer Science, Tamale Technical University, Ghana
  • Diyawu Mumin Department of Computer Science, Tamale Technical University, Ghana
  • Arnold Mashud Abukari Department of Computer Science, Tamale Technical University, Ghana
  • Abukari Aziz Danaa Department of Computer Science, Tamale Technical University, Ghana
  • Jibreel Fuseini Department of Computer Science, Tamale Technical University, Ghana

DOI:

https://doi.org/10.70112/ajcst-2024.13.1.4253

Keywords:

Ethereum, Authentication, Smart contracts, Blockchain

Abstract

Online services currently rely heavily on centralized authentication methods to manage user identification and authentication. However, these methods are vulnerable to account hacking, which can compromise user data and lead to attacks. A potential solution to this issue is the use of distributed ledger technology, such as blockchain, to decentralize credential ownership and provide a secure, immutable platform for verifying user identity. This paper aims to analyze the drawbacks of centralized authentication systems and propose an alternative that uses blockchain technology for authentication, ensuring robustness, transparency, and security. The proposed system is tested on web applications using the Ethereum testnet and an authentication provider (backend server).

References

A. R. Chowdhury, T. Chatterjee, and S. DasBit, “LOCHA: A light-weight one-way cryptographic hash algorithm for wireless sensor network,” Procedia Computer Science, vol. 32, pp. 497-504, 2014.

A. Azaria, A. Ekblaw, T. Vieira, and A. Lippman, “MedRec: Using blockchain for medical data access and permission management,” in 2016 2nd International Conference on Open and Big Data (OBD), 2016, pp. 25-30.

A. Biryukov, D. Khovratovich, and I. Pustogarov, “Deanonymisation of clients in Bitcoin P2P network,” in Proc. 2014 ACM SIGSAC Conf. Computer and Communications Security, 2014, pp. 15-29.

J. Bonneau, A. Narayanan, A. Miller, J. Clark, J. A. Kroll, and E. W. Felten, “Mixcoin: Anonymity for bitcoin with accountable mixes,” in Financial Cryptography and Data Security: 18th International Conference, FC 2014, Christ Church, Barbados, March 3-7, 2014, Revised Selected Papers, 2014, pp. 486-504.

Z. Gao, “When deep learning meets smart contracts,” in Proc. 35th IEEE/ACM Int. Conf. Automated Software Engineering, 2020, pp. 1400-1402.

E. Borgsten and O. Jiang, “Authentication using smart contracts in a blockchain,” 2018.

P. K. Sadhu, V. P. Yanambaka, and A. Abdelgawad, “Internet of Things: Security and solutions survey,” Sensors, vol. 22, no. 20, pp. 7433, 2022.

A. F. Baig and S. Eskeland, “Security, privacy, and usability in continuous authentication: A survey,” Sensors, vol. 21, no. 17, pp. 5967, 2021.

E. Bertino, H. Lee, M. Huang, C. Katsis, Z. Shen, B. Ribeiro, et al., “A pro-active defense framework for IoT systems,” in 2023 IEEE 9th International Conference on Collaboration and Internet Computing (CIC), 2023, pp. 125-132.

C. Wang, Anti-fraud engineering for digital finance: Behavioral modeling paradigm. Springer Nature, 2023.

A. Haslebacher, J. Onaolapo, and G. Stringhini, “All your cards have belonged to us: Understanding online carding forums,” in 2017 APWG Symposium on Electronic Crime Research (eCrime), 2016, pp. 41-51.

O.-A. Khashan, S. Alamri, W. Alomoush, M.-K. Alsmadi, S. Atawneh, and U. Mir, “Blockchain-based decentralized authentication model for IoT-based e-learning and educational environments,” Computers, Materials & Continua, vol. 75, no. 3, pp. 3133-3158, 2023.

A. K. Al Hwaitat, M. A. Almaiah, A. Ali, S. Al-Otaibi, R. Shishakly, A. Lutfi, et al., “A new blockchain-based authentication framework for secure IoT networks,” Electronics, vol. 12, no. 18, pp. 3618, 2023.

Z. Chen, Y. Jiang, X. Song, and L. Chen, “A survey on zero-knowledge authentication for Internet of Things,” Electronics, vol. 12, no. 6, pp. 1145, 2023.

U. Khalid, M. Asim, T. Baker, P. C. Hung, M. A. Tariq, and L. Rafferty, “A decentralized lightweight blockchain-based authentication mechanism for IoT systems,” Cluster Computing, vol. 23, no. 3, pp. 2067-2087, 2020.

M. Swan, Blockchain: Blueprint for a new economy. O’Reilly Media, Inc., 2015.

I. V. Pustokhina, “Blockchain technology in the international supply chains,” Int. J. Wireless and Ad Hoc Communication, vol. 1, no. 1, pp. 16-25, 2021.

S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.

F. Toutara and G. Spathoulas, “A distributed biometric authentication scheme based on blockchain,” in 2020 IEEE Int. Conf. Blockchain (Blockchain), 2020, pp. 470-475.

C. Ingle, A. Samudre, P. Bhavsar, and P. Vidap, “Audit and compliance in service management using blockchain,” in 2019 IEEE 16th India Council International Conference (INDICON), 2019, pp. 1-4.

M. T. Hammi, B. Hammi, P. Bellot, and A. Serhrouchni, “Bubbles of trust: A decentralized blockchain-based authentication system for IoT,” Computers & Security, vol. 78, pp. 126-142, 2018.

L. Yu, M. He, H. Liang, L. Xiong, and Y. Liu, “A blockchain-based authentication and authorization scheme for distributed mobile cloud computing services,” Sensors, vol. 23, no. 3, pp. 1264, 2023.

G. Almashaqbeh and R. Solomon, “Sok: Privacy-preserving computing in the blockchain era,” in 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P), 2022, pp. 124-139.

Downloads

Published

18-03-2024

How to Cite

Awal, S., Mumin, D., Abukari, A. M., Danaa, A. A., & Fuseini, J. (2024). Decentralized Authentication for Enhanced Security: Leveraging Blockchain Technology to Prevent Credential Theft. Asian Journal of Computer Science and Technology, 13(1), 11–17. https://doi.org/10.70112/ajcst-2024.13.1.4253

Issue

Vol. 13 No. 1 (2024): January-June 2024

Section

Articles

License

Copyright (c) 2024 Centre for Research and Innovation

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.