Abstract
User authentication is a process for a system to verify the identity of a claimed user and to give access permission. Although there are many other authentication methods such as biometrics and physical tokens, passwords are still being used in many applications due to easy deployment. To enhance the security against possible attacks such as an off-line dictionary attack, passwords are usually stored in a hashed form using a random nonce called a salt. However, this does not completely solve the security issue. In this paper, we propose a new password-based authentication method using homomorphic encryption where a password is stored in a remote server in an encrypted form and an input password is compared with the stored one on the encrypted domain. For this purpose, we also propose a new cryptographic primitive called one-time private key-based digital signature.
Original language | English |
---|---|
Title of host publication | Lecture Notes on Data Engineering and Communications Technologies |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 467-474 |
Number of pages | 8 |
DOIs | |
State | Published - 2017 |
Publication series
Name | Lecture Notes on Data Engineering and Communications Technologies |
---|---|
Volume | 2 |
ISSN (Print) | 2367-4512 |
ISSN (Electronic) | 2367-4520 |
Bibliographical note
Publisher Copyright:© Springer International Publishing AG 2017.