Towards practical anonymous password authentication
Proceedings of the 26th Annual Computer Security Applications Conference
Anonymous password-based key exchange with low resources consumption and better user-friendliness
Security and Communication Networks
Provably secure three-party authenticated key agreement protocol using smart cards
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Anonymous password authentication reinforces password authentication with the protection of user privacy. Considering the increasing concern of individual privacy nowadays, anonymous password authentication represents a promising privacy-preserving authentication primitive. However, anonymous password authentication in the standard setting has several inherent weaknesses, making its practicality questionable. In this paper, we propose a new and efficient approach for anonymous password authentication. Our approach assumes a different setting where users do not register their passwords to the server; rather, they use passwords to protect their authentication credentials. We present a concrete scheme, and get over a number of challenges in securing password-protected credentials against off-line guessing attacks. Our experimental results confirm that conventional anonymous password authentication does not scale well, while our new scheme demonstrates very good performance.