scholarly journals ZERO KNOWLEDGE PASSWORD AUTHENTICATION PROTOCOL

2012 ◽  
pp. 30-34
Author(s):  
NIVEDITA DATTA
Keyword(s):  
Mutual Authentication ◽  
Public Key Cryptography ◽  
Authentication Protocol ◽  
Public Key ◽  
Zero Knowledge ◽  
Password Authentication ◽  
Valuable Data ◽  
Authentication Server ◽  
Simple Protocol ◽  
Zero Knowledge Proof

In many applications, the password is sent as cleartext to the server to be authenticated thus providing the eavesdropper with opportunity to steal valuable data. This paper presents a simple protocol based on zero knowledge proof by which the user can prove to the authentication server that he has the password without having to send the password to the server as either cleartext or in encrypted format. Thus the user can authenticate himself without having to actually reveal the password to the server. Also, another version of this protocol has been proposed which makes use of public key cryptography thus adding one more level of security to the protocol and enabling mutual authentication between the client & server.

scholarly journals Password Authentication for multicast host using zero knowledge Proof

2015 ◽  
Vol 5 (6) ◽  
pp. 1468
Author(s):  
Seetha Ranganathan ◽  
R. Saravanan
Keyword(s):  
Secure Communication ◽  
Group Communication ◽  
Zero Knowledge ◽  
Password Authentication ◽  
Valuable Data ◽  
Communication Environment ◽  
One Time Password ◽  
Group Member ◽  
Zero Knowledge Proof

<p>The password which is a more secure and valuable data should be highly protected from eavesdropper. This paper presents how password required for authentication of members of group communication is securely delivered by the source or initiator of the group. The password delivery uses zero knowledge proof and sent to the group member in an encrypted format using cipher block mode encryption. The password delivered is a One Time Password which can be used for certain amount of time in order to ensure a highly secure communication environment among the group.</p>

Analisis dan Implementasi Protokol Otentikasi FIDO U2F

2017 ◽  
Vol 9 (1) ◽  
pp. 30-35
Author(s):  
Sunderi Pranata ◽  
Hargyo Tri Nugroho ◽  
Hirofumi Yamaki
Keyword(s):  
Public Key Cryptography ◽  
Authentication Protocol ◽  
Public Key ◽  
Next Generation ◽  
Index Terms ◽  
Mitm Attack

It is known that password itself is not enough for formidable authentication method since it has a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for the next generation for good authentication to address that issue. MFA combines two or more of three principles of good security, “something you know”, “something you have”, and “something you are”. Most MFA mechanisms work as one time passwords (OTP). However, they can still be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to use as it requires user to input another password given by the device (SMS, token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet stronger security on authentication process which implements public key cryptography, challenge-response protocol, and phishing and MitM protection.  Index Terms— Authentication protocol, FIDO U2F, Multi factor authentication, OTP

From Laconic Zero-Knowledge to Public-Key Cryptography

2018 ◽  
pp. 674-697 ◽  
Author(s):  
Itay Berman ◽  
Akshay Degwekar ◽  
Ron D. Rothblum ◽  
Prashant Nalini Vasudevan
Keyword(s):  
Public Key Cryptography ◽  
Public Key ◽  
Zero Knowledge

The Zero-Knowledge Proof Schemes Based on Williams Public-Key Cryptosystem

2012 ◽  
Vol 546-547 ◽  
pp. 526-530
Author(s):  
Qian Zhang ◽  
De Han
Keyword(s):  
Proof Theory ◽  
Public Key ◽  
Public Key Cryptosystem ◽  
Zero Knowledge ◽  
Proof Schemes ◽  
Proof Scheme ◽  
Set Up ◽  
Zero Knowledge Proof

In this paper, through introducing the Williams public-key cryptosystem in detail, the analysis of the characteristics of the system, and the combination with zero knowledge proof, we set up a zero-knowledge proof scheme based on Williams public-key cryptosystem. The scheme will enrich the theory of cryptography, and particularly zero-knowledge proof theory.

Comment on Xu et al.'s Key Agreement and Password Authentication Protocol

2011 ◽  
Vol 121-126 ◽  
pp. 3847-3849
Author(s):  
Yong Ning Guo ◽  
Cheng Lian Liu
Keyword(s):  
Information Technology ◽  
Linear Equation ◽  
Information Flow ◽  
Key Agreement ◽  
Authentication Protocol ◽  
Public Key ◽  
The Internet ◽  
Contact Mode ◽  
Password Authentication

The Internet has been population, which it was implement information technology, to every enterprize, also changed their contact mode of information flow style. Since public key conception was proposed, it had authentication function to secure while they are communication, and defense the data to leak based on stranger. In 2010, Xu et al. proposed an improvement of generalized key agreement and password authentication protocol which it based on linear equation in two unknown of congruence. In this paper, we pointed out some errors. Thus, the Xu et al.'s improved scheme may not becomes to be correction

scholarly journals ENHANCED MULTI-DEVICE TWO-FACTOR AUTHENTICATION USING PUBLIC-KEY CRYPTOGRAPHY

2021 ◽  
Author(s):  
Jahangir Abbas Mohammed
Keyword(s):  
Mobile Applications ◽  
Single Layer ◽  
Public Key Cryptography ◽  
Public Key ◽  
Message Authentication ◽  
Password Authentication ◽  
Suggested Approach ◽  
Client Server ◽  
Secure Software ◽  
Communication Lines

This paper proposes a secure two-factor authentication (TFA) system that relies on a password and a crypto-capable device. In cases like a compromise of communication lines, server or device vulnerabilities, and offline and online attacks on user passwords, the approach provides the highest feasible security bounds given the collection of compromised components. Using either SAS Message Authentication or any PIN-based Authentication, the suggested approach constructs a TFA scheme. The paper also proposes a secure software architecture for implementing an enhanced public key cryptography system for mobile applications and an efficient implementation of this modular structure that can use any password-based client-server authentication method without relying on risky single- layer password authentication architecture.

scholarly journals Fast Mutual Authentication Using RSA Moduli

2021 ◽  
Author(s):  
Anatoly Anisimov ◽  
Andrey Novokshonov
Keyword(s):  
Hash Function ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Third Party ◽  
Interactive Proof ◽  
Zero Knowledge ◽  
Trusted Third Party ◽  
Secret Information ◽  
Mutual Authentication Protocol

We describe a fast three-round mutual authentication protocol for parties A and B belonging to the same coalition group. Parties A and B keep their own independent long-term private keys that are used in the process of authentication and can be used for other purposes. The scheme assumes an initial setup with a trusted third party T. This party initiates another secret information that includes factors of a large RSA modulus. For authentication, both parties must demonstrate each other the knowledge of their private keys without revealing them and the ability to factorize a large RSA modulus. Thus, the protocol based on the suggested scheme provides reciprocal authentication. The scheme possesses all desirable properties of an interactive proof, i.e., completeness, soundness, and zero-knowledge. The security of the protocol relies on assumptions of difficulty of the RSA factorization and existence of a cryptographic hash function.

Node Authentication in Networks Using Zero-Knowledge Proofs

2007 ◽  
pp. 142-164
Author(s):  
Richard S. Norville ◽  
Kamesh Namuduri ◽  
Ravi Pendse
Keyword(s):  
Data Analysis ◽  
Authentication Protocol ◽  
Authentication Protocols ◽  
Zero Knowledge ◽  
Authentication Schemes ◽  
Zero Knowledge Proof

Zero-knowledge proof (ZKP) based authentication protocols provide a smart way to prove an identity of a node without giving away any information about the secret of that identity. There are many advantages as well as disadvantages to using this protocol over other authentication schemes, and challenges to overcome in order to make it practical for general use. This chapter examines the viability of ZKPs for use in authentication protocols in networks. It is concluded that nodes in a network can achieve a desired level of security by trading off key size, interactivity, and other parameters of the authentication protocol. This chapter also provides data analysis that can be useful in determining expected authentication times based on device capabilities. Pseudocode is provided for implementing a graph-based ZKP on small or limited processing devices.

Sign in / Sign up

Export Citation Format

Share Document