Idiot-Proofing Authentication
نویسندگان
چکیده
We develop a mechanism by which a server can guarantee that client passwords contain a certain amount of (actually random) entropy while not actually knowing these passwords. We define and implement a protocol between a client and server used during password generation. Importantly, while we greatly modify the process of generating a password, the actual day-to-day use of this password is mostly unmodified, allowing for the use of additional password protection schemes on top of our system, like SRP. We describe a specific protocol which can be used with a minimally modified version of SRP to provide strong guarantees on the security of user passwords.
منابع مشابه
A Semi-Fragile Watermarking Scheme Using Weighted Vote with Sieve and Emphasis for Image Authentication
This paper describes a semi-fragile watermarking scheme for image authentication and tamper-proofing. Each watermark bit is duplicated and randomly embedded in the original image in the discrete wavelet domain by modifying the corresponding image coefficients through quantization. The modifications are made so that they have little effect on the image and that the watermarking is robust against...
متن کاملDigital Watermarking for Telltale Tamper Proofing and Authentication
In this paper, we consider the problem of digital watermarking to ensure the credibility of multimedia. We specifically address the problem of fragile digital watermarking for the tamper proofing of still images. Applications of our problem include authentication for courtroom evidence, insurance claims, and journalistic photography. We present a novel fragile watermarking approach which embeds...
متن کاملTamper-proofing of electronic and printed text documents via robust hashing and data-hiding
In this paper, we deal with the problem of authentication and tamper-proofing of text documents that can be distributed in electronic or printed forms. We advocate the combination of robust text hashing and text datahiding technologies as an efficient solution to this problem. First, we consider the problem of text data-hiding in the scope of the Gel’fand-Pinsker data-hiding framework. For illu...
متن کاملModification on Kerberos Authentication Protocol in Grid Computing Environment
The Kerberos is applied widely in OS and grid computing environment. The Kerberos system isn’t secure enough for symmetrical encryption. The paper describes a method that transform symmetrical key into asymmetric encryption on the basis of keeping symmetrical key of one side changeless. The algorithm strengthens the security of Kerberos protocol through proofing.
متن کاملMaking authentication stronger and more cost efficient with web of trust
Solid registration processes for identity registration including proofing, vetting and binding are essential for strong authentication solutions. Solid typically implies a face-2-face component in the registration process, which is expensive and not user friendly. Alternatives that rely on remote registration often result in weak binding or are overly complex. We propose a web of trust approach...
متن کامل