10,751 Hits in 4.6 sec

Proofs for Two-Server Password Authentication [chapter]

Michael Szydlo, Burton Kaliski
2005 Lecture Notes in Computer Science  
This work formally models the basic security requirement for two-server password authentication protocols, and in this framework provides concrete security proofs for two protocols.  ...  A natural solution involves splitting password between two or more servers.  ...  Acknowledgments The authors would like to thank Phil MacKenzie for useful discussions, and the anonymous reviewers for comments and corrections.  ... 
doi:10.1007/978-3-540-30574-3_16 fatcat:kn6ft4uzcbandhcdczfmnmqquq

Comparison of ZKP based Authentication Mechanisms for securing the web server

Kayathri Devi D, Akilan S S
2018 International Journal of Engineering and Technology  
, image based passwords, multi factors including password, biometric proofs.  ...  Traditional authentication mechanisms aim at validating the authorized users to access the Information Systems such as web servers or services considering the various factors such as text based passwords  ...  Server asking the client for partial passwords may also be helpful to avoid shoulder surfing and keyboard logging. B.  ... 
doi:10.21817/ijet/2018/v10i4/181004070 fatcat:fs4i5xq63jdipi4ayu5qbdhgsi

A New Approach for Anonymous Password Authentication

Yanjiang Yang, Jianying Zhou, Jian Weng, Feng Bao
2009 2009 Annual Computer Security Applications Conference  
In this paper, we propose a new and efficient approach for anonymous password authentication.  ...  Our approach assumes a different setting where users do not register their passwords to the server; rather, they use passwords to protect their authentication credentials.  ...  These two-factor authentication schemes do not require the server to keep a password file, offering a solution to the drawbacks of multi-server password authentication.  ... 
doi:10.1109/acsac.2009.26 dblp:conf/acsac/YangZWB09 fatcat:oqlv6fnek5e2niu5bdx5bzkf3e

Integrated Quantum and Classical Key Scheme for Two Servers Password Authentication

2010 Journal of Computer Science  
between the password exchanges of two servers.  ...  The performance measure of the user password made for the transformed two long secrets held by both service and control server.  ...  systems, two server password authentication systems.  ... 
doi:10.3844/jcssp.2010.1396.1405 fatcat:c4xk55sv4zhmjna5tgm6er4yva

Zero Knowledge Proof based authentication protocol using graph isomorphism [article]

Lavish Saluja, Ashutosh Bhatia
2019 arXiv   pre-print
We suggest most of the computations should be carried out on the users' web browser without revealing the password to the server at any point in time.  ...  We propose a Zero-Knowledge Proof (ZKP) algorithm based on isomorphic graphs.  ...  AUTHENTICATION PROCESS: The Classical way 6 of authenticating users is asking for their login and password details and sending these details directly to the server and the server responds to the request  ... 
arXiv:1911.09329v1 fatcat:b5aqwepprjfovdogab4stfw4gm

Enhancing RADIUS based multifactor-factor authentication systems with RESTful API for self-service enrolment

Emin Huseynov, Jean-Marc Seigneur
2017 2017 IEEE 11th International Conference on Application of Information and Communication Technologies (AICT)  
Two-factor authentication can significantly reduce risks of compromised accounts by protecting from the majority of password-leak based attacks.  ...  RADIUS protocol is a popular method of providing the second factor authentication. This paper presents an innovative approach to enrolling users in RADIUS protocol based two-factor authentication.  ...  TOTPRadius The proof concept of self-enrollment RESTFul API for two-factor authentication has been implemented for Citrix Netscaler and Citrix Storefront integration.  ... 
doi:10.1109/icaict.2017.8686898 fatcat:a2bukdg32rfbrkiibfeugd32fy


2012 International Journal of Communication Networks and Security  
This paper presents a simple protocol based on zero knowledge proof by which the user can prove to the authentication server that he has the password without having to send the password to the server as  ...  Thus the user can authenticate himself without having to actually reveal the password to the server.  ...  b) Contribution This paper presents a protocol using which the users can be authenticated by the authentication server without having to reveal the password.  ... 
doi:10.47893/ijcns.2012.1047 fatcat:5guirvydczgzppc5gm2swuukca

Zero Knowledge Password Authentication Protocol [chapter]

Nivedita Datta
2013 Advances in Intelligent Systems and Computing  
This paper presents a simple protocol based on zero knowledge proof by which the user can prove to the authentication server that he has the password without having to send the password to the server as  ...  Thus the user can authenticate himself without having to actually reveal the password to the server.  ...  b) Contribution This paper presents a protocol using which the users can be authenticated by the authentication server without having to reveal the password.  ... 
doi:10.1007/978-3-642-35461-8_7 fatcat:kjn3sbxk7zbl3i3xmrdkht4s6q

Bi-Crypto: An Efficient System with Enhanced Security

2019 International journal of recent technology and engineering  
A convenient two factor (2f) authentication is used in smart card password verification. Thus, the two factors are "dynamic ID-based" or "anonymous".  ...  Truly a 2f scheme can make sure that the user whoever possess a valid OTP and password can be authorized by the server.  ...  two-factor authentication involving physical tokens. [4] A smart card with two password authentication schemes was proposed.  ... 
doi:10.35940/ijrte.b1756.078219 fatcat:oxn6jb5z6jbj3mcjomrhlxaxdi

A Simple Threshold Authenticated Key Exchange from Short Secrets [chapter]

Michel Abdalla, Olivier Chevassut, Pierre-Alain Fouque, David Pointcheval
2005 Lecture Notes in Computer Science  
An authentication server can indeed be seen as two distinct entities, namely a gateway (which is the direct interlocutor of the client) and a back-end server (which is the only one able to check the identity  ...  Each client C ∈ C holds a password pw C . Each server S ∈ S holds a vector of passwords PW S = pw C C∈C with an entry for each client.  ...  Acknowledgements The authors would like to thank Raymond Choo for pointing out a flaw in a previous version of our schemes that made them susceptible to attacks by corrupted gateways.  ... 
doi:10.1007/11593447_31 fatcat:rblad7olofdh7ekrvezphm5z5q

RSA Based Two-factor Remote User Authentication Scheme with User Anonymity

Preeti Chandrakar, Hari Om
2015 Procedia Computer Science  
In remote user authentication, the server and the user mutually authenticate each other and establish a common session key for future communication.  ...  In this paper, we propose a secure and effective two-factor remote user authentication scheme based on RSA, which achieves mutual authentication and user anonymity properties.  ...  Introduction One of the most convenient and well popular two factor authentication scheme is based on smart card and password.  ... 
doi:10.1016/j.procs.2015.10.023 fatcat:x3x7tcujp5fgjpv2qwuxgye2hi

Efficient Two-Server Password-Only Authenticated Key Exchange

P.B. Prof. Kumbhar, ,Dr.* Vyankatesh S. Kulkarni
2016 Zenodo  
The proposed system proposes two servers,using password-authent icated key exchange(PAKE).  ...  In this case two servers will operate in handshake mode,and contrib ute to a generation of one key for authentication.  ...  LITERATURE REVIEW In recent times, Katz et al. recommended the first two servers will authenticate key for exchange protocol with an proof or evidence of security in the standard model.  ... 
doi:10.5281/zenodo.1466594 fatcat:pz7jqt5g6bb77eykezgjqmjvgu

A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems

Xiaopeng Yan, Weiheng Li, Ping Li, Jiantao Wang, Xinhong Hao, Peng Gong
2013 Journal of medical systems  
Due to the open environment, the mutual authentication between the user and the telecare server will thus be in demand.  ...  This paper proposes an efficient smart card based password authentication scheme by applying biometrics technique and hash function operations.  ...  For a smart card based authentication scheme, one basic security property is that the user is required to have both the smart-card and the password, which is often called two-factor authentication.  ... 
doi:10.1007/s10916-013-9972-1 pmid:23996083 fatcat:ffryfay7tvhrrmt4g6o4ja2fhu

Password Based Server Aided Key Exchange [chapter]

Yvonne Cliff, Yiu Shing Terry Tin, Colin Boyd
2006 Lecture Notes in Computer Science  
We propose a new password-based 3-party protocol with a formal security proof in the standard model.  ...  We also observe some limitations in the model due to Abdalla, Fouque and Pointcheval (PKC 2005) for proving security of such protocols.  ...  S has two encryption keys to keep the state of each authenticator independent, as required by the proof that two or more authenticators may be applied to the one protocol [HBGN05] .  ... 
doi:10.1007/11767480_10 fatcat:uk66tjzcyjanlgelpdkm4hlvxy

UC-secure Two-Server Password-Based Authentication Protocol and Its Applications

Lin Zhang, Zhenfeng Zhang, Xuexian Hu
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
A two-server password-based authentication (2PA) protocol is a special kind of authentication primitive that provides additional protection for the user's password.  ...  Then, we show that our protocol could be easily extended to more complicate password-based cryptographic protocols such as two-server password-authenticated key exchange (2PAKE) and two-server password-authenticated  ...  model. 2PASS The functionality of two-server password-authenticated secret sharing looks like the two-server version of Camenisch et al.'  ... 
doi:10.1145/2897845.2897872 dblp:conf/ccs/ZhangZH16 fatcat:cgvmnze2rnhr5betnv7uhl6o5a
« Previous Showing results 1 — 15 out of 10,751 results