Threshold Password-Based Authentication Using Bilinear Pairings

Lee, Songwon; Han, Kwan-Young; Kang, Seok-kyu; Kim, Kwangjo; Ine, So Ran

doi:10.1007/978-3-540-25980-0_29

Cited by 5 publications

(2 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A password constitutes a user-memorable secret [27] that consists of a few printable characters. Passwords are the common choice in computer systems for user authentication [28][29][30]. The system stores the user's identity and password for every account.…”

Section: Passwordsmentioning

confidence: 99%

Password-Hashing Status

Hatzivasilis

2017

Cryptography

View full text Add to dashboard Cite

Computers are used in our everyday activities, with high volumes of users accessing provided services. One-factor authentication consisting of a username and a password is the common choice to authenticate users in the web. However, the poor password management practices are exploited by attackers that disclose the users' credentials, harming both users and vendors. In most of these occasions the user data were stored in clear or were just processed by a cryptographic hash function. Password-hashing techniques are applied to fortify this user-related information. The standardized primitive is currently the PBKDF2 while other widely-used schemes include Bcrypt and Scrypt. The evolution of parallel computing enables several attacks in password-hash cracking. The international cryptographic community conducted the Password Hashing Competition (PHC) to identify new efficient and more secure password-hashing schemes, suitable for widespread adoption. PHC advanced our knowledge of password-hashing. Further analysis efforts revealed security weaknesses and novel schemes were designed afterwards. This paper provides a review of password-hashing schemes until the first quarter of 2017 and a relevant performance evaluation analysis on a common setting in terms of code size, memory consumption, and execution time.

show abstract

Section: Passwordsmentioning

confidence: 99%

Password-Hashing Status

Hatzivasilis

2017

Cryptography

View full text Add to dashboard Cite

show abstract

“…A valid certificate of any node can be only generated correctly if a number of nodes exceeding a threshold cooperate. In [23], Lee et al presented an efficient threshold password based authentication scheme using (k, n) threshold scheme, which allows a roaming user who accesses a network from different client terminals to get his private key from the servers, even if some of the servers are compromised under the multi-server roaming system. Recently, Chai et al [24] also presented an efficient threshold password authentication scheme against password guessing attacks in ad hoc networks.…”

mentioning

confidence: 99%

TUA: A Novel Compromise-Resilient Authentication Architecture for Wireless Mesh Networks

Lin

et al. 2008

IEEE Trans. Wireless Commun.

View full text Add to dashboard Cite

Abstract-User authentication is essential in service-oriented communication networks to identify and reject any unauthorized network access. The state-of-the-art practice in securing wireless networks is based on the authentication, authorization and accounting (AAA) framework where one or multiple identical and duplicated AAA servers are adopted to authenticate mobile users (MUs), handle authorization requests, and collect accounting data. However, the conventional AAA framework cannot tolerate a server compromise event due to misuse, misconfiguration, and malicious access, etc., which may cause serious damages and resource abuses to the network operation. In this paper, we propose a novel design paradigm toward a compromiseresilient authentication architecture in service-oriented wireless mesh networks (WMNs) based on the (t, n) threshold signature technique, termed Threshold User Authentication (TUA) scheme. With the TUA scheme, only t or more out of n AAA servers in the WMN can cooperatively grant the network access to a MU, while any t−1 or less cannot. Detailed protocol-aspect design and implementations are presented. Extensive analysis on efficiency and reliability of authentication functionality is conducted to gain a deeper understanding on the parameter settings and optimization, which demonstrates the effectiveness of the TUA scheme. We conclude that the proposed authentication scheme can contribute to the WMN network design in metropolitan areas where numerous mesh points (MPs) coexist and are managed under a single control plane with multiple distributed AAA servers.

show abstract

An efficient and practical threshold gateway-oriented password-authenticated key exchange protocol in the standard model

Wei

Zhang

et al. 2016

Sci. China Inf. Sci.

View full text Add to dashboard Cite

Threshold Password-Based Authentication Using Bilinear Pairings

Cited by 5 publications

References 14 publications

Password-Hashing Status

Password-Hashing Status

TUA: A Novel Compromise-Resilient Authentication Architecture for Wireless Mesh Networks

An efficient and practical threshold gateway-oriented password-authenticated key exchange protocol in the standard model

Contact Info

Product

Resources

About