A database leak tolerant system.
Explore the docs »
·
Report Bug
·
Request Feature
![Product Name Screen Shot][product-screenshot]
Sentinel is an authentication (Sign-up & Sign-in) system, that claims high tolerance to database leaks, by increasing the complexity of dictionary attacks for cracking passwords.
We aim to be a B2B Solution. The first release is aimed towards the Summer Up Hackathon for IIIT Hyderabad.
Database leaks are a serious problem towards our privacy and security. The most trivial way of Authentication has been using PASSWORDS. However, it is prone to database-leaks of the authentication servers. In these cases, identity theft, money loss or other serious damages are possible.
With the revolutionizing change of authentication from PASSWORD based to biometric, including Voice Authentication, Facial Recognition, Fingerprint Unlocks etc. have higher security but often raise the dilemma of privacy of a person's information.
In this regard, we think passwords are a anonymous (because no private information such as biometric prints) are stored, and reliant modes of authentication. The only concern is if the database leaks can leak the password owing to dictionary attacks. We aim to eliminate the practical possibility of password leaks in the event of a database leak. Further another additoinal feature provided is complete privacy. The password itself is not stored, but a complex modification of it is stored that is irreversible, and has different value for even the same passwords of different users.
Thus our platform aims to provide the four pillars of cyberspace, which are :
ANNONYMITY :>No tracability of accounts to individuals.PRIVACY :>No information of a user's password (or anything else) is stored, syntactically and semantically.SECURITY :>Protection against exposure of private information in case of a database leak.OPENNESS :>To prove our point, we are planning to move the password database to a public distributed ledger, to make one of a kind Decentralized Authentication system.
First let us start, then we'll tell how to get started.
Coming soon....
This is an example of how to list things you need to use the software and how to install them.
- npm
npm install npm@latest -g
- Clone the repo
git clone https://github.com/vs666/Sentinel.git
- Install NPM packages (go to web-app folder and then run)
npm install
- Install Python3 packages
pip3 install requirements.txt
This code-base is not a library, but needs to be split between different portions of the server ( view whitepaper for the architecture and the setup of the server ).
For more examples, please refer to the Documentation
In future we aim to release subsequent versions with the following changes :
v1.1 - Aim to incorporate the option of subscription, (by business clients) to use the server as their authentication service.
v2.0 - Aim to add the feature of fault tolerance (PBFT), when we scale up the protocol to run on distributed server system. Might need to modify the protocol and/or existing code-base a bit.
See the open issues for a list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under a License with specific instructions for commercial use or distribution. See LICENSE for more information.
Varul Srivastava
@VarulSrivastava | Twitter
Akshett Jindal
E-Mail
Project Link: https://github.com/vs666/Sentinel