Efficacy of Object-Based Passwords for User Authentication

11/30/2017
by   Sufian Hameed, et al.
0

Traditional text-based password schemes are inherently weak. Users tend to choose passwords that are easy to remember, making them susceptible to various attacks that have matured over the years. ObPwd [5] has tried to address these issues by converting user-selected digital objects to high-entropy text passwords for user authentication. In this paper, we extend the ObPwd scheme with a new object based password scheme that performs majority of the computation at the server side. This paper essentially discusses two frameworks for object password schemes, an object hash-based scheme (where the client machine computes the hash of the object to be used as text password) and an object-based scheme (where the object is directly transmitted to the server as password). We also evaluate the performance of both the object password schemes against conventional text-based password schemes using prototypes of each of the frameworks. Implications with respect to ease of use, sharing and security are also discussed.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/29/2017

Secure Encryption scheme with key exchange for Two server Architecture

In the distributed environment, authentication and key exchange mechanis...
research
02/18/2020

Security analysis of the W-OTS^+ signature scheme: Updating security bounds

In this work, we discuss in detail a flaw in the original security proof...
research
03/30/2023

Fuzzified advanced robust hashes for identification of digital and physical objects

With the rising numbers for IoT objects, it is becoming easier to penetr...
research
01/25/2021

DAHash: Distribution Aware Tuning of Password Hashing Costs

An attacker who breaks into an authentication server and steals all of t...
research
01/29/2021

Detection and Prevention of New Attacks for ID-based Authentication Protocols

The rapid development of information and network technologies motivates ...
research
09/28/2022

That Depends – Assessing User Perceptions of Authentication Schemes across Contexts of Use

Choosing authentication schemes for a specific purpose is challenging fo...

Please sign up or login with your details

Forgot password? Click here to reset