Extending web applications with a lightweight zero knowledge proof authentication

5th International Conference on Soft Computing as Transdisciplinary Science and Technology, CSTST '08 - Proceedings

Volumn , Issue , 2008, Pages 65-70

  Grzonkowski, Sławomir ^a   Zaremba, Wojciech ^a   Zaremba, Maciej ^a   McDaniel, Bill ^a  

^a NATIONAL UNIVERSITY OF IRELAND   (Ireland)

Author keywords

Graph isomorphism; Password; Protocols; Web 2.0; Web 2.0 authentication; Zero knowledge proof

Indexed keywords

EXPERIMENTAL EVALUATION; GRAPH ISOMORPHISM; ISOMORPHIC GRAPHS; PASSWORD PROTOCOLS; SECURE TRANSACTIONS; SECURITY LEVEL; USER AUTHENTICATION; WEB 2.0; WEB APPLICATION; ZERO KNOWLEDGE PROOF;

INTERNET PROTOCOLS; SET THEORY; SOFT COMPUTING; WORLD WIDE WEB;

AUTHENTICATION;

EID: 77951595293     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1456223.1456241     Document Type: Conference Paper

References (21)

1. What is a sign-in seal? http://security.yahoo.com/article.html?aid= 2006102507 last viewed on 10 april 2008.
2. L. Babai, P. Erdos, and S. M. Selkow. Random graph isomorphism. SIAM Journal on Computing, 9(3):628-635, 1980.
3. M. Baudet. Deciding security of protocols against off-line guessing attacks. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security, pages 16-25, New York, NY, USA, 2005. ACM.
4. S. M. Bellovin and M. Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. pages 72-84.
5. A. Bouch, A. Kuchinsky, and N. Bhatti. Quality is in the eye of the beholder: meeting users' requirements for internet quality of service. In CHI '00: Proceedings of the SIGCHI conference on Human factors in computing systems, pages 297-304, New York, NY, USA, 2000. ACM Press.
6. D. G. Corneil and C. C. Gotlieb. An efficient algorithm for graph isomorphism. J. ACM, 17(1):51-64, 1970.
7. R. Czerwinski. A polynomial time algorithm for graph isomorphism. CoRR, abs/0711.2010, 2007.
8. D. Florencio and C. Herley. A large-scale study of web password habits. In WWW '07: Proceedings of the 16th international conference on World Wide Web, pages 657-666, New York, NY, USA, 2007. ACM Press.
9. S. Garfinkel. Fingerprinting your files. mit technology review. Technical report, August 2004.
10. S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interactive proof-systems. In STOC '85: Proceedings of the seventeenth annual ACM symposium on Theory of computing, pages 291-304, New York, NY, USA, 1985. ACM Press.
11. L. Gong, M. A. Lomas, R. M. Needham, and J. H. Saltzer. Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications, 11(5):648-656, 1993.
12. D. P. Jablon. Strong password-only authenticated key exchange. SIGCOMM Comput. Commun. Rev., 26(5):5-26, 1996.
13. N. Koblitz. Elliptic curve cryptosystems. 48(177):203-209, Jan. 1987.
14. A. J. Menezes, S. A. Vanstone, and P. C. V. Oorschot. Handbook of Applied Cryptography. CRC Press, Inc., Boca Raton, FL, USA, 1996.
15. R. B. Miller. Response time in man-computer conversational transactions. In Proc. AFIPS Fall Joint Computer Conference Vol. 33, pages 267-277, San Francisco, Calif, 1968.
16. V. S. Miller. Use of elliptic curves in cryptography. In Lecture notes in computer sciences; 218 on Advances in cryptology - CRYPTO 85, pages 417- 426, New York, NY, USA, 1986. Springer-Verlag New York, Inc.
17. A. Narayanan and V. Shmatikov. Fast dictionary attacks on passwords using time-space tradeoff. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security, pages 364-372, New York, NY, USA, 2005. ACM.
18. B. Pinkas and T. Sander. Securing passwords against dictionary attacks. In CCS '02: Proceedings of the 9th ACM conference on Computer and communications security, pages 161-170, New York, NY, USA, 2002. ACM.
19. U. Schöning. Graph isomorphism is in the low hierarchy. In STACS '87: Proceedings of the 4th Annual Symposium on Theoretical Aspects of Computer Science, pages 114-124, London, UK, 1987. Springer-Verlag.
20. T. Wu. The secure remote password protocol. In Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pages 97-111.
21. H. Xia and J. C. Brustoloni. Hardening web browsers against man-in-the-middle and eavesdropping attacks. In WWW '05: Proceedings of the 14th international conference on World Wide Web, pages 489-498, New York, NY, USA, 2005. ACM Press.