Password Based Anonymous Authentication with Private Information Retrieval
نویسندگان
چکیده
This paper focuses on authentication with three types of entities: a user who sends an authentication request, an service provider who receives and verifies the request, and a database who supplies the authentication-server with information for verifying the request. This paper presents novel authentication protocols that satisfy the following important properties: (1) secure against replay attacks and (2) the database cannot identify which user is authenticating First, we show a protocol with a single database which satisfies Properties (2). Second, we show a protocol which satisfies Properties (1) and (2). A key idea of our authentication protocols is to use private information retrieval (PIR) [Chor et al. J. ACM, 1998].
منابع مشابه
Anonymous and Transparent Gateway-Based Password-Authenticated Key Exchange
In Asiacrypt 2005, Abdalla et al. put forward the notion of gateway-based passwordauthenticated key exchange (GPAKE) protocol, which allows clients and gateways to establish a common session key with the help of an authentication server. In addition to the semantic security of the session key, their solution also provided additional security properties such as password protection with respect t...
متن کاملA Thesis for the Degree of Master of Science Threshold Password-Authenticated Key Retrieval Protocol Using Bilinear Pairings
These days many real world systems still rely on password authentication to verify the user’s identity before allowing that user to be given certain network services. So far many protocols based on password have been proposed, even if there are many security concerns associated with password-based protocol. Thus many researchers have studied how to make the password-like weak key to be more str...
متن کاملOn the Limits of Anonymous Password Authentication
Password authentication is the most commonly accepted means for entity authentication. To meet the increasing need of preserving individual privacy, anonymous password authentication has been proposed recently, to augment password authentication with the protection of user privacy. In this paper, we analyze the weaknesses inherent to anonymous password authentication, which make it questionable...
متن کاملPreserving User Privacy with Anonymous Authentication in Cloud Computing
Cloud computing offers its flexibility and dynamic nature in terms of its access to resources anytime and anywhere. All data and other resources in cloud storage are managed and controlled by the Cloud Service Provider. They provide security and ensure that the data is protected and free from any vulnerability. However, providing privacy through authentication mechanism is a big challenge. Most...
متن کاملThreshold Password-Based Authentication Using Bilinear Pairings
We present a new threshold password-based authentication protocol that allows a roaming user(a user who accesses a network from different client terminals) to download a private key from remote servers with knowledge of only his identity and password. He does not carry the smart card storing user’s private information. We note that as a goal of a multi-server roaming system, a protocol has to a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JDIM
دوره 9 شماره
صفحات -
تاریخ انتشار 2011