Title :
Design and implementation of password-based identity authentication system
Author :
Zhai, Shuo ; He, Tao
Author_Institution :
Sch. of Comput., China Univ. of Min. & Technol., Xuzhou, China
Abstract :
The main weakness of passwords is that it is vulnerable to dictionary attacks implemented by automated programs. As the EKE protocol could resist the offline dictionary attack and the CAPTCHA could avoid automatic on-line dictionary attack implemented by the attacker, in this paper, based on the two protocols, we proposed the hybrid password authentication protocols. Our new password authentication schemes combined the advantages of the EKE protocol and the CAPTCHA, which can resist the dictionary attacks implemented by the automatic programs perfectly. Finally, we gave the realization of the password authentication protocol, in which the reverse Turing test is realized by the common graphical verification code.
Keywords :
authorisation; cryptographic protocols; CAPTCHA; EKE protocol; Turing test; dictionary attacks; graphical verification code; password based identity authentication system; Authentication; Computers; Cryptography; Dictionaries; Protocols; Servers; Smart cards; CAPTCHA; Dictionary Attacks; EKE Protocol; Identity Authentication; Password;
Conference_Titel :
Computer Application and System Modeling (ICCASM), 2010 International Conference on
Conference_Location :
Taiyuan
Print_ISBN :
978-1-4244-7235-2
Electronic_ISBN :
978-1-4244-7237-6
DOI :
10.1109/ICCASM.2010.5623039
