I hope this is readable, if not please notify me. This article is also readable from google+ Keywords: Ihor Jakowec DEJA VU HASH Revised
Or, copy and paste, the below link... https://drive.google.com/open?id=0BxLingfkcfkbQ3JwYUlZVVBGZGc
DEJA VU HASH
Abstract
Described here is a self modifying cryptographic hash, that changes with every login, and/or, after an arbitrary time interval. In addition to a password, the hash uses login statistics. A hacker would would have less time to crack a password, because the hash value could keep changing. Also, hacker would need login statistics.
TIME SENSITIVE CRYPTOGRAPHIC HASH
This method is used for remote logins from computers with an operating system containing log files that hold login data and network traffic data. This method is NOT for use by “dumb” terminals, or on guest computers where data is erased upon logout.
The input to the hash consists of some or all of the following:
1.) Password.
2.) Time delay, established by use either/or: - the mode and variance of several ping attempts - a truncated value common to most ping trials - or the intersection algorithm. [1]
3.) Login time.
4.) Previous or, current login duration.
5.) CPU serial number.
6.) An array that is a histogram of values of the number of packets sent and received (the interval size is arbitrary)
[1] _________________  Wikipedia Contributors “Intersection Algorithm” “Wikipedia, The Free Encyclopedia” Wikipedia, The Free Encyclopedia 5 May 2014. Web. 5 May 2014.
NOTE:
You could use NTP (Network Time Protocol), with peer-to-peer connectivity for both the login client and the server; to increase the resolution of the above items: 2, 3, and 4.
(Referring to item 4.) If the current login is used, the hash is performed at the end of the login.
A different hash value can be kept for each login from a different CPU. (This could be a weakness if many different CPU’s have been used, and infrequently at that.) Therefore, using item 5. should only be considered as an option, for those who want to restrict logins to a select few computers.
How these values are arranged as input to the hash is arbitrary. You could use sequential concatenation. Or, values can be hashed separately, then xored to the final hash value. Input values can also be bit shuffled.
Modification: Item 6 could consist of a single array that is a histogram of differences:
(number of data packets sent - number of data packets received)
The arbitrary time interval is:
login duration / inter login interval
Both the server and the client would have records of items 1 to 6 on their respective file systems. However, for concealment, the way they are stored, and used as input to the hash can vary.
Since, this method results in a different hash for every login. A hacker’s cracking time would be limited to the time interval between successive logins
PSEUDO LOGIN
The concept here is to use pseudo logins. This is not a full login. Only the login state tables are synchronized and the password hash value is re-hashed. The login interval can be based on information known to both the client and the server. The average of the last five logins could be used, where a fraction, or multiple, of this average is used as the pseudo login interval. Moreover, the pseudo login interval can be vary. This interval can be made slightly longer or shorter. This variation can be based on the histogram of differences previously mentioned. The histogram can be partitioned into percentiles, or an arbitrary n-tile. Lower than average values can be used to shrink the pseudo login interval, while higher than average values can be used to lengthen the interval.
Optimally, the average of these intervals should be slightly shorter than the amount of time needed by the average hacker to crack a hash value. Or, it could be left up to the system adminstrator to set the length of the pseudo login interval. This would depend on the need for security in juxtaposition to system load demands.
SALTING THE SALT
As an added security feature, each pseudo login hash can be salted with a random number. The same value that is used by the server and the remote login. The random number generator and the seed value used, would be common to the server and the login client. The type of random number generator used would be quasi-propriatary to the system being used. That is, each random value could be cryptographically hashed with a common seed value. The resulting hash value could be used with the hash value of the previous login or previous pseudo login hash value.
================================================== DISCLAIMER Any words not defined, in this collection of documents; use the definition given to them, by the O.E.D. and/or American Webster's dictionary. It is not my intention to use double entendre: either from English or in any other language, or from pop subculture (past or present). Any words redefined by me, or phrases defined by me, are simply technical in nature. They are not intended to refer to any: group, institution, organization, person or persons. — No alternate meaning to any word or phrase is implied or intended. — My intent is NOT to: slight, insult, affront, or offend. Ihor Jakowec Tuesday 14 December 2017 ===================================================
-
Ihor Jakowec