A Protocol to Strengthen Password-Based Authentication

Interdisciplinary Research Group in Socio-technical Cybersecurity

A Protocol to Strengthen Password-Based Authentication

Vazquez Sandoval Itzel, Lenzini Gabriele, Stojkovski Borce
Abstract:

We discuss a password-based authentication protocol that we argue to be robust against password-guessing and o-line dictionary attacks. The core idea is to hash the passwords with a seed that comes from an OTP device, making the resulting identity token unpredictable for an adversary. We believe that the usability of this new protocol is the same as that of password-based methods with OTP, but has the advantage of not burdening users with having to choose strong passwords.

Authors:
Vazquez Sandoval Itzel, Lenzini Gabriele, Stojkovski Borce
Publication date:
November, 2018
Published in:
Emerging Technologies for Authorization and Authentication
Reference:
Sandoval, I. V., Stojkovski, B., & Lenzini, G. (2018, September). A Protocol to Strengthen Password-Based Authentication. In International Workshop on Emerging Technologies for Authorization and Authentication (pp. 38-46). Springer, Cham.

Get in touch with us

SnT – Interdisciplinary Centre for Security, Reliability and Trust
29, Avenue J.F Kennedy L-1855 Luxembourg
info-irisc-lab@uni.lu