On compromising password-based authentication over HTTPS

被引:0
|
作者
Saito, Takamichi [1 ]
Hatsugai, Ryosuke [1 ]
Kito, Toshiyuki [2 ]
机构
[1] Meiji Univ, Tokyo 101, Japan
[2] Toshiba Co Ltd, Tokyo, Japan
来源
20TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 1, PROCEEDINGS | 2006年
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
SSL (Secure Socket Layer) is one of the security protocols to achieve secure communications over a TCP/IP network. SSL has two types of authentication modes, Server Authentication mode and Client Authentication mode. The former is popular and facile to utilize, while the latter is secure enough owing to mutual authentication. However, when it was required to identify a client or its user, Server Authentication mode can be utilized with Basic Authentication which is authentication with password to achieve mutual authentication. In this paper, we discuss the compromising of authentication using the password-based authentication over SSL. And we show the countermeasures against the attacks.
引用
收藏
页码:869 / +
页数:2
相关论文
共 50 条
  • [1] Secure password-based authentication in WLAN
    Keshava, M.
    Journal of the Indian Institute of Science, 2006, 86 (04) : 389 - 396
  • [2] Securing Password in Static Password-based Authentication: A Review
    Mohamedali, Intisar A.
    Fadlalla, Yahia
    PROCEEDINGS OF 2017 SUDAN CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGY (SCCSIT), 2017, : 98 - 102
  • [3] Neuromuscular Password-Based User Authentication
    Jiang, Xinyu
    Xu, Ke
    Liu, Xiangyu
    Dai, Chenyun
    Clifton, David A.
    Clancy, Edward A.
    Akay, Metin
    Chen, Wei
    IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2021, 17 (04) : 2641 - 2652
  • [4] PASTA: PASsword-based Threshold Authentication
    Agrawal, Shashank
    Miao, Peihan
    Mohassel, Payman
    Mukherjee, Pratyay
    PROCEEDINGS OF THE 2018 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'18), 2018, : 2042 - 2059
  • [5] On Unlinkability of Password-Based Anonymous Authentication
    Shin, SeongHan
    Kobara, Kazukuni
    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2015, E98A (06) : 1320 - 1324
  • [6] A Protocol to Strengthen Password-Based Authentication
    Sandoval, Itzel Vazquez
    Stojkovski, Borce
    Lenzini, Gabriele
    EMERGING TECHNOLOGIES FOR AUTHORIZATION AND AUTHENTICATION, ETAA 2018, 2018, 11263 : 38 - 46
  • [7] Cryptanalysis and Enhancement of a Password-Based Authentication Scheme
    Eldefrawy, Mohamed H.
    Al-Muhtadi, Jalal F.
    2015 IEEE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2015, : 548 - 551
  • [8] Password-based authentication: Preventing dictionary attacks
    Chakrabarti, Saikat
    Singhal, Mukesh
    COMPUTER, 2007, 40 (06) : 68 - +
  • [9] Password-based authentication and the experiences of end users
    Ezugwu, Assumpta
    Ukwandu, Elochukwu
    Ugwu, Celestine
    Ezema, Modesta
    Olebara, Comfort
    Ndunagu, Juliana
    Ofusori, Lizzy
    Ome, Uchenna
    SCIENTIFIC AFRICAN, 2023, 21
  • [10] Indistinguishability and unextractablility of password-based authentication in blockchain
    Huang, Xinyi
    Zhang, Yuexin
    FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2020, 112 : 561 - 566
12345