International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 06 | June -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 3028 A novel Mutual Authentication algorithm using visual cryptography with novel visual cryptographic schemes Daisy Das 1 , Amarjyoti Pathak 2 1 M.tech, Computer Science And Engineering Department,Girijananda Institute Of Management And Technology,Guwahati, India 2 Assistant professor,Computer Science And Engineering Department,Girijananda Institute Of Management And Technology,Guwahati, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - We proposed a mutual authentication scheme using visual cryptography. Traditionally text-based username and passwords are used to authenticate a user to any online service. Authentication using passwords are old as well as less reliable regarding security. Passwords if kept too simple is prone to identity theft and if too complex difficult to remember them. Complex passwords require sophisticated encryption and decryption algorithms. This paper proposes a method of providing mutual authentication security by using Visual Cryptography It offers a means of providing security by using Visual Cryptography. This scheme provides mutual Authentication security without third party intervention where the client can authenticate the server and vice versa.Mutual Authentication is a significant factor in E- banking or E-commerce applications to counter cyber attacks. Visual Cryptography is applied to the security images registered by a user where the server generate shares and distribute the user via mail initially of one image. The second image share is generated randomly and circulated to the user during login as session password. The user uploads its initially received registered share to validate the server. The server compares the hash of the user usual password and security image random share to authenticate the user. This scheme can provide both user authentication and phishing attack generating mutual authentication between parties. Since the shares are created, which are not useful for the internal hackers. .The proposed mutual authentication scheme creates individual shares of user-uploaded images and uses these shares to login into the system. The method improves security measure between existing authentication model. Key-words—visual cryptography; mutual authentication; shares; keyless; image; computational complexity, accuracy; secrecy; thresholding; algorithm 1. INTRODUCTION With growing popularity of the internet, most applications are insecure. People often use facilities provided by institutions for online transactions. But for layman there are a lot of security issues occurring during an online transaction; some major security threats are phishing, password reuse, password theft, brute force & dictionary attacks .However, due to the increasing rate of malware, currently, detection of fake website or fake user, hacker has become a severe problem for the users. As a result, it is not possible to be sure whether we are using a authenticated server or not and not been trapped. These give rise to mutual authentication so as both the user and server authenticate each other. The primary motive is to have an authentication algorithm that is effective, not easily tractable & with implementation easiness. In this paper, a secured mutual authentication scheme is proposed where in place of using conventional encryption and decryption techniques we went for visual cryptography techniques. The traditional cryptographic methods are sophisticated as well as require high computation and lot of decryption time. In addition to that, these methods are prone to many cyber security attacks. Visual cryptography was first proposed by Naor and Shamir[1] in 1994 based on the concept of secret-sharing. It divides an image into n shares where none of the individual shares reveal any information. The decrypted message is obtained by overlapping of the secret shares. 2. LITERATURE REVIEW Many different methods have been designed and developed employed for attaining security about mutual authentication. The current security measure is having an SSL/TLS connection and a certificate issued by competent authority. The vulnerability that lies is that the validation of the license is the work of the browser and not the SSL/TLS specifications, it merely passes the certificate to the browser. At such fake certificate, attacks can take place[2].Moreover, users pay less attention to read the URL.WIKID[3] is a JSP application. WiKID is an existing software available for two- factor authentication for a specific price. The user login to their targeted site by starting their WIKID client and entering the pin. The PIN is then encrypted by the server's public key and sent to the server. If the PIN is found to be valid, the encryption valid and the account active, a package of the OTP, the target site URL and a hash of the target site's SSL certificate are sent back to the token client. The token client then goes out over the user's internet connection to the requested site URL and gets the SSL certificate, it then hashes it and compares the produced hash to validated certificate hash. If the two hashes match, the token client presents the