A Secure Authentication Scheme against password Guessing Attacks
C.A. Thriveni1 , K. Madhavi2
Section:Research Paper, Product Type: Journal Paper
Volume-6 ,
Issue-6 , Page no. 162-166, Jun-2018
CrossRef-DOI: https://doi.org/10.26438/ijcse/v6i6.162166
Online published on Jun 30, 2018
Copyright © C.A. Thriveni, K. Madhavi . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
View this paper at Google Scholar | DPI Digital Library
How to Cite this Paper
- IEEE Citation
- MLA Citation
- APA Citation
- BibTex Citation
- RIS Citation
IEEE Style Citation: C.A. Thriveni, K. Madhavi, “A Secure Authentication Scheme against password Guessing Attacks,” International Journal of Computer Sciences and Engineering, Vol.6, Issue.6, pp.162-166, 2018.
MLA Style Citation: C.A. Thriveni, K. Madhavi "A Secure Authentication Scheme against password Guessing Attacks." International Journal of Computer Sciences and Engineering 6.6 (2018): 162-166.
APA Style Citation: C.A. Thriveni, K. Madhavi, (2018). A Secure Authentication Scheme against password Guessing Attacks. International Journal of Computer Sciences and Engineering, 6(6), 162-166.
BibTex Style Citation:
@article{Thriveni_2018,
author = {C.A. Thriveni, K. Madhavi},
title = {A Secure Authentication Scheme against password Guessing Attacks},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {6 2018},
volume = {6},
Issue = {6},
month = {6},
year = {2018},
issn = {2347-2693},
pages = {162-166},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=2156},
doi = {https://doi.org/10.26438/ijcse/v6i6.162166}
publisher = {IJCSE, Indore, INDIA},
}
RIS Style Citation:
TY - JOUR
DO = {https://doi.org/10.26438/ijcse/v6i6.162166}
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=2156
TI - A Secure Authentication Scheme against password Guessing Attacks
T2 - International Journal of Computer Sciences and Engineering
AU - C.A. Thriveni, K. Madhavi
PY - 2018
DA - 2018/06/30
PB - IJCSE, Indore, INDIA
SP - 162-166
IS - 6
VL - 6
SN - 2347-2693
ER -
VIEWS | XML | |
651 | 464 downloads | 374 downloads |
Abstract
With the rapid growth of websites, the registered users accounts across the websites increased from aggressive manner. The user may contain multiple accounts in a single website or across the different websites. So, for the different accounts the user may use the same password or the similar password which is already used, but with the prefix or postfix. As the result, guessing a single password may leak the remaining passwords which lead to the major concern of the security and user may forget the passwords of different sites. Hence a secure authentication scheme against password guessing attacks is necessary for logging in to the account with the single password reused for all the accounts in a secure manner with Single Sign on (SSO). In SSO, the tool allows a user to register and sign in with one set of credentials and gain access to the multiple applications and services. SSO increases security by using the difficult passwords which restrict guessing attacks, and also provides a better user experience for customers, employees by reducing the number of required accounts, passwords and provides simple access to all the applications and services they need.
Key-Words / Index Term
Security, Authentication, Password guessing attacks, Brute force attacks, Dictionary attacks
References
1] D. Florencio and C. Herley, “A large-scale study of web password habits, “in Proceedings of the 16th international conference on World Wide Web- WWW ’07, 2007, p. 657.
2] J. Yan A. Blackwell R. Anderson A. Grant "Password memorability and security: Empirical results" IEEE Security Privacy vol. 2 no. 5 pp. 25-31 Sep. /Oct. 2004.
3] Kostas Theoharoulis Ioannis Papaefstathiou "Implementing Rainbow Tables in high end FPGAs for superfast password Cracking" International Conference on field programmable Logic and applications (FPL) ISBN: 978-l-4244- 7842-2 Aug. 2010.
4] T. Arai H. Yamaguchi T. Sekiguchi and Y. Takemi "Fundamental technology to support cloud computing” IT platform 2010
5] Z. Li, W. He, D. Akhawe, and D. Song. The emperor’s new password manager: Security analysis of web-based password managers. In USENIX Security, 2014.
6] Weili Han, Zhigong Li and Minyue Ni “Shadow Attacks based on Password Reuses: A Quantitative Empirical Analysis”
7] Chang, C.C and Lee, C.Y. (2012) a secure single sign-on mechanism for distributed computer networks. IEEE Trans. Ind. Electron., 59, 629–637
8] Csdncleartext passwords 2011.
9] R. Wang, S. Chen, and X. Wang. Signing me onto your accounts through Facebook and google: A traffic-guided security study of commercially deployed single-sign-on web services. In Security and Privacy (SP), 2012 IEEE Symposium on, pages 365–379, 2012.
10] N.LiandMarkovesecurity.org/TC/SP2014/papers/AStudyofProbabilisticPasswordModels
11] D. Llewellyn-Jones and G. Rymer. Cracking pwdhash: A brute force attack on client-side password hashing. In The 11th International Conference on Passwords (Passwords 2016). Springer, 2017.
12] T. Acar M. Belenkiy A. Küpçü "Single password authentication" Computer. Networks vol. 57 no. 13 pp. 2597-2614 Sep. 2013.