A Password-Based Key Derivation Algorithm Using the KBRP Method

Hussain, Shakir M.; Al-Bahadili, Hussein

doi:10.3844/ajassp.2008.777.782

Cited by 6 publications

(4 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This work presents a detailed description of the proposed Password-Based Digital Signature (PBDS) authentication scheme. It The PBDS scheme makes use of the KBRP method [8] and the PBKD algorithm [9] . In order to explain this new scheme, it is useful to provide a brief description of the KBRP and PBKD.…”

Section: The Proposed Password Authentication Schemementioning

confidence: 99%

See 1 more Smart Citation

A Non-Exchanged Password Scheme for Password-Based Authentication in Client-Server Systems

Hussain¹,

Al-Bahadili²

2008

American J. of Applied Sciences

Self Cite

View full text Add to dashboard Cite

Abstract:The password-based authentication is widely used in client-server systems. This research presents a non-exchanged password scheme for password-based authentication. This scheme constructs a Digital Signature (DS) that is derived from the user password. The digital signature is then exchanged instead of the password itself for the purpose of authentication. Therefore, we refer to it as a Password-Based Digital Signature (PBDS) scheme. It consists of three phases, in the first phase a password-based Permutation (P) is computed using the Key-Based Random Permutation (KBRP) method. The second phase utilizes P to derive a Key (K) using the Password-Based Key Derivation (PBKD) algorithm. The third phase uses P and K to generate the exchanged DS. The scheme has a number of features that shows its advantages over other password authentication approaches.

show abstract

Section: The Proposed Password Authentication Schemementioning

confidence: 99%

“…Instead, a Password-Based Digital Signature (PBDS) is derived and transmitted over the network. This signature is derived using an efficient highly secure scheme that utilizes the Key Based Random Permutation (KBRP) method [8] and the Password-Based Key Derivation (PBKD) method [9] . The main features of the new scheme include:…”

Section: Introductionmentioning

confidence: 99%

A Non-Exchanged Password Scheme for Password-Based Authentication in Client-Server Systems

Hussain¹,

Al-Bahadili²

2008

American J. of Applied Sciences

Self Cite

View full text Add to dashboard Cite

show abstract

“…This key could be used for securing further communication between the users. But it is weak in preventing man-in-the middle attack, since the entitie's identity are not included in the message while exchanging public keys (Hussain, 2008;Hsiang and Shih, 2009b).…”

Section: Introductionmentioning

confidence: 99%

“…The keys should be secretly generated and distributed. Diffie Hellman's (Hussain, 2008;Hsiang and Shih, 2009a) method is a well known key generation and authentication algorithm among public key cryptosystems. Accordingly using senders own private key and partner's public key, the shared session key could be calculated through discrete logarithm.…”

Section: Introductionmentioning

confidence: 99%

A Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network

Venkateswari¹

2011

Journal of Computer Science

View full text Add to dashboard Cite

Problem statement:This study describes about a robust and secured authentication procedure that can be adapted in a private forum within a Social Network Site (SNS) to update its user's profile. Approach: The robustness is achieved through combining proven security measures combined with usability aspects. The study demonstrates acceptance of such robustness particularly in a SNS to update user's profile. The study discuss on three related components that were considered for the proposed security measures, namely shared keys based on passwords security methods, personalized questions and one time passwords. The study elaborated shared key for authentication. The keys were calculated based on communication entities at the user's site. Shared key methods have proved to be effective in withstanding general attacks. Most of information security and network security protocols provide security and preserve secrecy based on cryptography techniques. Results: While the keys could be generated through conventional password based key generation algorithm, the security can also be enhanced by using personalized questions in addition to the password. The study proposed certain ideal security key that would be generated through socially surveyed personalized questions and password. This key would then become a onetime password for the users for a particular login session. While the keys when generated through highly secured manner and used for mutual authentication, social studies have pointed out to usability weakness. Conclusion: This study validated social acceptance in introducing personalized questions that would generate keys for authentication. The study elaborates both authentication technique as well as the social responses on personalized password questions. The personalized password questions have been designed from commonly used security questions like ones that asked to those who have lost their passwords. These questions need to be looked from social angle rather than technical angle. A social survey was conducted restricted to southern India. Based on the responses the questions have been designed and administered in a social network site to generate the keys for authentication purposes. This study elaborates the validity of robustness achieved through this proposed method. The proposed method although proved to be suitable to Southern Indian users of Social Network Site, it can be used for other regions but with personalized questions of that social culture.

show abstract

A comprehensive Software Copy Protection and Digital Rights Management platform

Bahaa-Eldin

Sobh

2014

Ain Shams Engineering Journal

View full text Add to dashboard Cite

A Password-Based Key Derivation Algorithm Using the KBRP Method

Cited by 6 publications

References 11 publications

A Non-Exchanged Password Scheme for Password-Based Authentication in Client-Server Systems

A Non-Exchanged Password Scheme for Password-Based Authentication in Client-Server Systems

A Secure Simple Authenticated Key Exchange Algorithm based Authentication for Social Network

A comprehensive Software Copy Protection and Digital Rights Management platform

Contact Info

Product

Resources

About