Risks of the passport single signon protocol
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
IEEE Internet Computing
Password Authentication Using Multiple Servers
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Single Sign-On Using Cookies for Web Applications
WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Server-Assisted Generation of a Strong Secret from a Password
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
An Efficient and Secure Multi-Server Password Authentication Scheme using Smart Cards
CW '04 Proceedings of the 2004 International Conference on Cyberworlds
Threshold Password-Authenticated Key Exchange
Journal of Cryptology
A Practical Password-Based Two-Server Authentication and Key Exchange System
IEEE Transactions on Dependable and Secure Computing
A new two-server approach for authentication with short secrets
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
An Efficient Multi-server Password Authenticated Key Agreement Scheme Using Smart Cards
MUE '07 Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering
A secure dynamic ID based remote user authentication scheme for multi-server environment
Computer Standards & Interfaces
Computer Standards & Interfaces
A survey of peer-to-peer security issues
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Provably secure threshold password-authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Efficient multi-server password authenticated key agreement using smart cards
IEEE Transactions on Consumer Electronics
A remote password authentication scheme for multiserver architecture using neural networks
IEEE Transactions on Neural Networks
Hi-index | 0.00 |
User's password verification information stored on the server is main point of vulnerability and remains attractive target for attacker. Proposed protocol uses two-server architecture so that password verification information is distributed between two servers known as authentication server and control server. In this paper, we present single sign-on (SSO) password-based multi-server authentication protocol that issues the ticket to the user for a specific time period. Ticket issued for one authentication server can be used by the peer user for its authentication to another authentication server that is under the control of same control server. It distributes password verification information between the authentication server and the control server based on peer-to-peer (P2P) computing. Therefore, the proposed protocol is more resistant to dictionary attack as compared to existing single-server password based authentication protocols. The proposed protocol does not use public key that causes computation and communication burden in resource constraint environment.