Skip to content

vs666/Sentinel

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation


Logo

SENTINEL

A database leak tolerant system.
Explore the docs »

· Report Bug · Request Feature

Table of Contents

  1. About The Project Motivation & Vision
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. License
  7. Future Work
  8. Contact
  9. Acknowledgements

About The Project

![Product Name Screen Shot][product-screenshot]

Sentinel is an authentication (Sign-up & Sign-in) system, that claims high tolerance to database leaks, by increasing the complexity of dictionary attacks for cracking passwords.

We aim to be a B2B Solution. The first release is aimed towards the Summer Up Hackathon for IIIT Hyderabad.

Motivation

Database leaks are a serious problem towards our privacy and security. The most trivial way of Authentication has been using PASSWORDS. However, it is prone to database-leaks of the authentication servers. In these cases, identity theft, money loss or other serious damages are possible.

With the revolutionizing change of authentication from PASSWORD based to biometric, including Voice Authentication, Facial Recognition, Fingerprint Unlocks etc. have higher security but often raise the dilemma of privacy of a person's information.

In this regard, we think passwords are a anonymous (because no private information such as biometric prints) are stored, and reliant modes of authentication. The only concern is if the database leaks can leak the password owing to dictionary attacks. We aim to eliminate the practical possibility of password leaks in the event of a database leak. Further another additoinal feature provided is complete privacy. The password itself is not stored, but a complex modification of it is stored that is irreversible, and has different value for even the same passwords of different users.

Thus our platform aims to provide the four pillars of cyberspace, which are :

  • ANNONYMITY :> No tracability of accounts to individuals.
  • PRIVACY :> No information of a user's password (or anything else) is stored, syntactically and semantically.
  • SECURITY :> Protection against exposure of private information in case of a database leak.
  • OPENNESS :> To prove our point, we are planning to move the password database to a public distributed ledger, to make one of a kind Decentralized Authentication system.

Built With

Getting Started

First let us start, then we'll tell how to get started.

Whitepaper

Coming soon....

Prerequisites

This is an example of how to list things you need to use the software and how to install them.

  • npm
    npm install npm@latest -g

Installation

  1. Clone the repo
    git clone https://github.com/vs666/Sentinel.git
  2. Install NPM packages (go to web-app folder and then run)
    npm install
  3. Install Python3 packages
    pip3 install requirements.txt

Usage

This code-base is not a library, but needs to be split between different portions of the server ( view whitepaper for the architecture and the setup of the server ).

For more examples, please refer to the Documentation

Future Work

In future we aim to release subsequent versions with the following changes :

v1.1 - Aim to incorporate the option of subscription, (by business clients) to use the server as their authentication service.

v2.0 - Aim to add the feature of fault tolerance (PBFT), when we scale up the protocol to run on distributed server system. Might need to modify the protocol and/or existing code-base a bit.

Roadmap

See the open issues for a list of proposed features (and known issues).

Contributing

Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

Distributed under a License with specific instructions for commercial use or distribution. See LICENSE for more information.

Contact

Varul Srivastava
@VarulSrivastava | Twitter

Akshett Jindal
E-Mail

Project Link: https://github.com/vs666/Sentinel

About

Database-Leak tolerant Authentication System

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published