NORMA eResearch @NCI Library

Anti-CSRF Token Using Linear Congruential Generator

Nadar, Abraham Samson (2023) Anti-CSRF Token Using Linear Congruential Generator. Masters thesis, Dublin, National College of Ireland.

Abstract

This work describes a novel Anti-CSRF token generating method that uses the Enhanced Linear Congruential Generator (eLCG) in combination with HMAC_DRBG. This method improves the unpredictability and security of CSRF tokens, hence strengthening web application defences. The major goal is to evaluate the usefulness of eLCG and HMAC_DRBG based tokens in preventing CSRF attacks. To reach this purpose, the research design is methodically created, with the eLCG coupled with HMAC_DRBG to establish a robust foundation for creating unpredictable CSRF tokens. To validate the quality and reliability of the generated tokens, statistical tests are performed, indicating excellent quality, uniform distribution, lack of correlation, and absence of non-random patterns. Scatter plots depict the generated CSRF numbers visually, emphasizing the uniqueness of each token and the absence of known trends. However, actual implementation considerations, such as adequate administration and secure storage of cryptographic keys and seed values, must be considered. The suggested technique will be integrated into leading cloud platforms such as Google Cloud Platform (GCP) and Microsoft Azure in the future, with the goal of strengthening identity protection and improving security across varied online settings. Adopting adaptive token generation algorithms led by real-time threat assessments has the potential to improve the robustness of CSRF token mechanisms even further. Finally, by developing a strong Anti-CSRF token generation system, this research greatly adds to online application security. The successful combination of eLCG and HMAC_DRBG demonstrates a formidable defence against CSRF assaults. As online applications expand, this research lays the groundwork for sophisticated security measures and future advancements, ultimately protecting digital interactions and user data from CSRF vulnerabilities.

Item Type: Thesis (Masters)
Supervisors: Prior, Michael (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
B Philosophy. Psychology. Religion > BJ Ethics > Conduct of life > Reliability > Information integrity > Data integrity
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 10 Jan 2025 15:11
Last Modified: 10 Jan 2025 15:11
URI: https://norma.ncirl.ie/id/eprint/7297
