Secure Encryption scheme with key exchange for Two server Architecture

by   D Siva Santosh Kumar, et al.

In the distributed environment, authentication and key exchange mechanisms play a major role. In general, for authentication, the client and the server mutually exchange a common cryptographic key. In earlier, passwords were stored on a single server. If an intruder gains access to the server by using some malicious attacks, then all the passwords stored in the database be compromised. So the e-commerce application security is endangered. In order to improve the efficiency and performance of the authentication scheme, we introduce multiple servers to store the passwords and participate in the key exchange and authentication schemes. This ensures entire systems' security even if a single server is compromised. The randomly generated nonce for each session corresponding to two-level security mechanism where the scope of an attacker pretends as legitimate user and login to the system is completely restricted. In this method, passwords are stored in their equivalent hash values and stored on multiple servers. This makes the attacker difficult to reverse engineer and intercept to determine the password even from segments of hash value. In this paper, we model a safe and secure password-based authentication scheme using a key exchange.


page 1

page 2

page 3


Secure and Energy-Efficient Key-Agreement Protocol for Multi-Server Architecture

Authentication schemes are practised globally to verify the legitimacy o...

TREVERSE: Trial-and-Error Lightweight Secure Reverse Authentication with Simulatable PUFs

A physical unclonable function (PUF) generates hardware intrinsic volati...

Efficacy of Object-Based Passwords for User Authentication

Traditional text-based password schemes are inherently weak. Users tend ...

Ring Oscillator and its application as Physical Unclonable Function (PUF) for Password Management

Mobile and embedded devices are becoming inevitable parts of our daily r...

Generating and Managing Strong Passwords using Hotel Mnemonic

Weak passwords and availability of supercomputers to password crackers m...

The Blob: provable incompressibility and traceability in the whitebox model

We introduce a scheme for distributing and storing software with cryptog...

An authentication model based on cryptography

In this paper we proposed an authentication technique based on the user ...