Title :
Towards securing client-server connections against man-in-the-middle attacks
Author :
Ordean, M. ; Giurgiu, M.
Author_Institution :
Commun. Dept., Tech. Univ. of Cluj-Napoca, Cluj-Napoca, Romania
Abstract :
This paper presents the design concept for an authentication string that makes use of the server´s public key and provides client´s authenticity through its password without the need of a client side certificate or a second channel. Successful strategies for preventing man-in-the middle attacks are currently relying either on two channel/two factor authentication or two-way encryption. Both these strategies have their downsides, the first one requires users to carry a physical device for authentication and the second requires all the devices that connect to the server have encryption certificates.
Keywords :
client-server systems; message authentication; public key cryptography; authentication string; client authenticity; client side certificate; client-server connection security; factor authentication; man-in-the-middle attacks; server public key cryptography; two-way encryption certificate; Authentication; Europe; Public key; Real-time systems; Servers; authentication: man-in-the-middle attack; connection security;
Conference_Titel :
Electronics and Telecommunications (ISETC), 2012 10th International Symposium on
Conference_Location :
Timisoara
Print_ISBN :
978-1-4673-1177-9
DOI :
10.1109/ISETC.2012.6408076
