drPass: A Dynamic and Reusable Password Generator Protocol
作者: Suryakanta Panda , Samrat Mondal
DOI: 10.1007/978-3-030-05171-6_21
关键词:
摘要: In general, alphanumeric passwords are used for authentication due to its simplicity and deployability. Strong distinct inconvenient memorize. So, users often pick weak reuse them. Also, employ some simple tricks derive from a basic one. However, such easy could not provide sufficient strength protect confidential resources. These reduce the work of attackers great extent. Although strong brute force attack, they prone theft compromised under different vulnerabilities. Thus, by compromising one password, an attacker may gain access other web-accounts where identical or similar same user. this paper, we propose drPass, dynamic reusable password generating protocol that generates high entropy thwarts various stealing attacks. The proposed drPass scheme does require any server-side change existing websites implementation. It reduces memory burden on also helps generate maintain highly secure, each site.
springer.com
sci-hub.se 参考文章(26)
Cormac Herley, Baris Coskun, Dinei Florêncio, Do strong web passwords accomplish anything usenix conference on hot topics in security. pp. 10- ,(2007)
Dan Boneh, Collin Jackson, Suman Jana, Eric Chen, David Silver, Password managers: attacks and defenses usenix security symposium. pp. 449- 464 ,(2014)
Haining Wang, Chuan Yue, Benjamin Strahs, Secure passwords through enhanced hashing usenix large installation systems administration conference. pp. 7- 7 ,(2009)
Bryan Parno, Cynthia Kuo, Adrian Perrig, Phoolproof phishing prevention financial cryptography. pp. 1- 19 ,(2006) , 10.1007/11889663_1
Zhiwei Li, Warren He, Devdatta Akhawa, Dawn Song, The emperor's new password manager: security analysis of web-based password managers usenix security symposium. pp. 465- 479 ,(2014) , 10.21236/ADA614474
Taekyoung Kwon, Sooyeon Shin, Sarang Na, Covert Attentional Shoulder Surfing: Human Adversaries Are More Powerful Than Expected systems man and cybernetics. ,vol. 44, pp. 716- 727 ,(2014) , 10.1109/TSMC.2013.2270227
Haichang Gao, Wei Jia, Fei Ye, Licheng Ma, A Survey on the Use of Graphical Passwords in Security Journal of Software. ,vol. 8, pp. 1678- 1698 ,(2013) , 10.4304/JSW.8.7.1678-1698
Hung-Min Sun, Yao-Hsin Chen, Yue-Hsun Lin, oPass: A User Authentication Protocol Resistant to Password Stealing and Password Reuse Attacks IEEE Transactions on Information Forensics and Security. ,vol. 7, pp. 651- 663 ,(2012) , 10.1109/TIFS.2011.2169958
Christian Mainka, Vladislav Mladenov, Florian Feldmann, Julian Krautwald, Jörg Schwenk, Your Software at my Service: Security Analysis of SaaS Single Sign-On Solutions in the Cloud ieee international conference on cloud computing technology and science. pp. 93- 104 ,(2014) , 10.1145/2664168.2664172
Georgios Kontaxis, Elias Athanasopoulos, Georgios Portokalidis, Angelos D. Keromytis, SAuth: protecting user accounts from password database leaks computer and communications security. pp. 187- 198 ,(2013) , 10.1145/2508859.2516746