On compromising password-based authentication over HTTPS

被引：0

作者：

Saito, Takamichi ^{[1
]}

Hatsugai, Ryosuke ^{[1
]}

Kito, Toshiyuki ^{[2
]}

机构：

[1] Meiji Univ, Tokyo 101, Japan

[2] Toshiba Co Ltd, Tokyo, Japan

来源：

20TH INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 1, PROCEEDINGS | 2006年

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

SSL (Secure Socket Layer) is one of the security protocols to achieve secure communications over a TCP/IP network. SSL has two types of authentication modes, Server Authentication mode and Client Authentication mode. The former is popular and facile to utilize, while the latter is secure enough owing to mutual authentication. However, when it was required to identify a client or its user, Server Authentication mode can be utilized with Basic Authentication which is authentication with password to achieve mutual authentication. In this paper, we discuss the compromising of authentication using the password-based authentication over SSL. And we show the countermeasures against the attacks.

引用

页码：869 / +

页数：2

共 50 条

[31] An Improvement Password-based Authentication Protocol Using Smart Card
Hui, Liu
SENSORS, MEASUREMENT AND INTELLIGENT MATERIALS, PTS 1-4, 2013, 303-306 : 2182 - 2185
[32] A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
Jia-Lun Tsai
Nai-Wei Lo
Tzong-Chen Wu
Wireless Personal Communications, 2013, 71 : 1977 - 1988
[33] Efficient and secure password-based authentication protocols against guessing attacks
Kwon, T
Song, J
COMPUTER COMMUNICATIONS, 1998, 21 (09) : 853 - 861
[34] Security analysis of a password-based authentication protocol proposed to IEEE 1363
Zhao, Z
Dong, ZQ
Wang, YG
THEORETICAL COMPUTER SCIENCE, 2006, 352 (1-3) : 280 - 287
[35] Cryptanalysis of two password-based authentication schemes using smart cards
Phan, RCW
COMPUTERS & SECURITY, 2006, 25 (01) : 52 - 54
[36] Password-Based Authentication Protocol for Secret-Sharing-Based Multiparty Computation
Kikuchi, Ryo
Chida, Koji
Ikarashi, Dai
Hamada, Koki
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2018, E101A (01) : 51 - 63
[37] Countermeasure on Password-Based Authentication Scheme for Multi-server Environments
Lee, Youngsook
Kim, Jiye
Won, Dongho
MULTIMEDIA AND UBIQUITOUS ENGINEERING, 2014, 308 : 459 - 466
[38] A Password-Based User Authentication Scheme for the Integrated EPR Information System
Zhen-Yu Wu
Yufang Chung
Feipei Lai
Tzer-Shyong Chen
Journal of Medical Systems, 2012, 36 : 631 - 638
[39] A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
Tsai, Jia-Lun
Lo, Nai-Wei
Wu, Tzong-Chen
WIRELESS PERSONAL COMMUNICATIONS, 2013, 71 (03) : 1977 - 1988
[40] Strengthening password-based authentication protocols against online dictionary attacks
Wang, P
Kim, Y
Kher, V
Kwon, T
APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, PROCEEDINGS, 2005, 3531 : 17 - 32

← 1 2 3 4 5 →