Abstract | ||
---|---|---|
Until now, although many researchers proposed a variety of authentication protocol to verify the identity of the clients, most of these protocols are inefficient and ineffective. Gouda et al. proposed an anti-phishing single password protocol, but it is vulnerable to pharming attacks. In this paper, we show that the protocol is insecure, and propose a hash-based password authentication protocol against phishing and pharming attacks. In the proposed protocol, the authentication tickets passed between clients and servers are secure because they are hash values which can be verified only by clients and servers. The authentication ticket is used only once, which ensures that the proposed protocol is secure against a variety of attacks such as replay, man-in-the-middle, phishing, and pharming. Because the proposed authentication protocol does not require encryption keys during the authentication phase, it is suitable for wireless and mobile communication systems. |
Year | Venue | Keywords |
---|---|---|
2015 | JOURNAL OF INFORMATION SCIENCE AND ENGINEERING | authentication protocol,phishing attack,pharming attack,web security,hash function |
Field | DocType | Volume |
Wide Mouth Frog protocol,Lightweight Extensible Authentication Protocol,Challenge-Handshake Authentication Protocol,Computer science,Challenge–response authentication,Computer security,Computer network,Otway–Rees protocol,S/KEY,Authentication protocol,Cryptographic nonce | Journal | 31 |
Issue | ISSN | Citations |
1 | 1016-2364 | 0 |
PageRank | References | Authors |
0.34 | 9 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Iksu Kim | 1 | 0 | 0.34 |
Yongyun Cho | 2 | 98 | 21.02 |