Threshold password authentication against guessing attacks in Ad hoc networks

Password authentication has been accepted as one of the commonly used solutions in network environment to protect resources from unauthorized access. The emerging mobile Ad hoc network, however, has called for new requirements for designing authentication schemes due to its dynamic nature and vulnerable-to-attack structure, which the traditional schemes overlooked, such as availability and strong security against off line guessing attacks in face of node compromise. In this paper, we propose a threshold password authentication scheme, which meets both availability and strong security requirements in the mobile Ad hoc networks. In our scheme, t out of n server nodes can jointly achieve mutual authentication with a registered user within only two rounds of message exchanges. Our scheme allows users to choose and change their memorable password without subjecting to guessing attacks. Moreover, there is no password table in the server nodes end, which is preferable since mobile nodes are usually memory-restricted devices. We also show that our scheme is efficient to be implemented in mobile devices.