[en] We discuss a password-based authentication protocol that
we argue to be robust against password-guessing and o -line dictionary
attacks. The core idea is to hash the passwords with a seed that comes
from an OTP device, making the resulting identity token unpredictable
for an adversary. We believe that the usability of this new protocol is the
same as that of password-based methods with OTP, but has the advan-
tage of not burdening users with having to choose strong passwords.
Disciplines :
Computer science
Author, co-author :
Vazquez Sandoval, Itzel ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Lenzini, Gabriele ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Stojkovski, Borce ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)
External co-authors :
no
Language :
English
Title :
A Protocol to Strengthen Password-Based Authentication
Publication date :
November 2018
Event name :
1st International Workshop on Emerging Technologies for Authorization and Authentication -ESORICS International Workshops
Event date :
7 Sept 2018
Main work title :
Emerging Technologies for Authorization and Authentication
Collection name :
Lecture Notes in Computer Science (LNCS), volume 11263