Title :
A New Approach for Anonymous Password Authentication
Author :
Yang, Yanjiang ; Zhou, Jianying ; Weng, Jian ; Bao, Feng
Author_Institution :
Inst. for Infocomm Res., Singapore, Singapore
Abstract :
Anonymous password authentication reinforces password authentication with the protection of user privacy. Considering the increasing concern of individual privacy nowadays, anonymous password authentication represents a promising privacy-preserving authentication primitive. However, anonymous password authentication in the standard setting has several inherent weaknesses, making its practicality questionable. In this paper, we propose a new and efficient approach for anonymous password authentication. Our approach assumes a different setting where users do not register their passwords to the server; rather, they use passwords to protect their authentication credentials. We present a concrete scheme, and get over a number of challenges in securing password-protected credentials against off-line guessing attacks. Our experimental results confirm that conventional anonymous password authentication does not scale well, while our new scheme demonstrates very good performance.
Keywords :
data privacy; message authentication; anonymous password authentication; authentication credentials; offline guessing attacks; password protected credentials; privacy preserving authentication primitive; user privacy; Application software; Authentication; Computer security; Concrete; Conference management; File servers; Privacy; Protection; Protocols; Scalability; anonymous password authentication; guessing attack; scalability; unlinkability;
Conference_Titel :
Computer Security Applications Conference, 2009. ACSAC '09. Annual
Conference_Location :
Honolulu, HI
Print_ISBN :
978-0-7695-3919-5
DOI :
10.1109/ACSAC.2009.26
