Security Enhancement Using Two-Server Model

Anshu Malhotra, Animesh Sit, Neeraj Dubey, Abhinav Tyagi, Pranav Bhatia
2014 International Journal of Innovative Research in Computer and Communication Engineering  
These days, most of the Internet Services use a single server model, where a single server is used to store the encrypted password. But, in case this server gets compromised, whole of the user's data is lost. So, to address this problem we may use multiple servers to store a single user password. In this paper we present the technique of using two servers for storing the encrypted password. Here, firstly we are dividing the user's password into two parts, then encrypting it and storing it into
more » ... wo separate servers. Further, the original password is retrieved by decrypting and combing the two parts of the password. Our system has a number of other features. Like in our system, only a front-end service server interacts directly with the users while a control server which does not interact with the user remains behind the scene; therefore, it can be directly implemented to strengthen the existing single-server password system that uses only a single server to store the password. In addition, the system is secure against various kinds of attack like the Brute Force Attack which may be either Dictionary attack or exhaustive search.
doi:10.15680/ijircce.2014.0212007 fatcat:fvrhxjaksvf2deybqs7ovmltz4