Paper Title
A New Secure Session Key Exchange Protocol For Web Applications

Abstract
The Internet becomes a part of everyday life. In which it is a public environment where people try to communicate with each other. It is important to provide security, privacy and data integrity for all the activities that tack place on the Internet. There are numbers of researches in the cryptographic fields dedicated to ensuring security on the Internet. Key exchange protocols are used to share a secret session key between users to encrypt all the communication between them in a non-secure channel. In this paper, we propose a new secure session key exchange protocol for web applications. This protocol based on the virtual password, biometric data and symmetric cryptography. The strength point of this protocol it depends on a dynamic password that based on a true random number generator given to client and submitted at the time of authentication. The proposed protocol can defend against multiple kinds of attacks, such as; guessing attack, dictionary attack, brute force, phishing attack, man in the middle attack, etc. Keywords - Authentication, Kerberos, Symmetric cryptocraphy, Biometric data, Dynamic Password.