Title :
An Anti-phishing User Authentication Scheme without Using a Sensitive Key Table
Author :
Lee, Wei-Bin ; Chen, Hsing-Bai ; Chang, Shun-Shyan ; Yang, Chia-Chi
Author_Institution :
Dept. of Inf. Eng. & Comput. Sci., Feng Chia Univ., Taichung, Taiwan
Abstract :
Phishing is a popular technique that attackers use for the obtainment of sensitive information about users. Last year, over 44 million users became victims of phishing websites. Mutual authentication between user and server is an essential part of anti-phishing mechanisms. Lee et al. proposed a scheme that achieves mutual authentication to protect users from phishing attacks. However, a sensitive key table is necessary if users want to achieve mutual authentication on different servers. This attracts attackers´ attention and increases the cost of maintaining the key. In this paper, a novel anti-phishing authentication scheme without a sensitive key table is presented. No sensitive key table is needed if the user is present at that time. Moreover, the proposed scheme can prevent guessing and replay attacks, which are serious threats to user authentication.
Keywords :
Web sites; computer crime; message authentication; unsolicited e-mail; antiphishing user authentication scheme; mutual authentication; phishing Web sites; sensitive key table; Authentication; Biometrics; Bismuth; Cryptography; Immune system; Servers; CAPTCHA; authentication; biometrics; phishing; visual cryptography;
Conference_Titel :
Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), 2011 Seventh International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4577-1397-2
DOI :
10.1109/IIHMSP.2011.91
