PAKE-based mutual HTTP authentication for preventing phishing attacks

Details PAKE-based mutual HTTP authentication for preventing phishing attacks PAKE-based mutual HTTP authentication for preventing phishing attacks

2009-11-27

arxiv.org/abs/0911.5230v1

Computer Science

Cryptography and Security

Scientific paper

This paper describes a new password-based mutual authentication protocol for Web systems which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if dictionary attack is employed, and prevents phishers from imitating a false sense of successful authentication to users. The protocol is designed considering interoperability with many recent Web applications which requires many features which current HTTP authentication does not provide. The protocol is proposed as an Internet Draft submitted to IETF, and implemented in both server side (as an Apache extension) and client side (as a Mozilla-based browser and an IE-based one). The paper also proposes a new user-interface for this protocol which is always distinguishable from fake dialogs provided by phishers.

Affiliated with

Also associated with

No associations

Rating

PAKE-based mutual HTTP authentication for preventing phishing attacks does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with PAKE-based mutual HTTP authentication for preventing phishing attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and PAKE-based mutual HTTP authentication for preventing phishing attacks will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-195568