NDLI: An Intrusion-Tolerant Password Authentication System

Please wait, while we are loading the content...

An Intrusion-Tolerant Password Authentication System

Content Provider	CiteSeerX
Author	Wang, Xunhua Heydari, M. Hossain
Abstract	In a password-based authentication system, to authenticate a user, a server typically stores password verification data (PVD), which is a value derived from the user’s password using publicly known functions. For those users whose passwords fall within an attacker’s dictionary, their PVDs, if stolen (for example, through server compromise), will allow the attacker to mount off-line dictionary attacks. In this article, we describe a password authentication system that can tolerate server compromises. The described system uses multiple (say n) servers to share password verification data and never reconstructs the shared PVD during user authentications. Only a threshold number (say t, t ≤ n) of these servers are required for a user authentication and compromising up to (t − 1) of these servers will not allow an attacker to mount off-line dictionary attacks, even if a user’s password falls within the attacker’s dictionary. The described system can still function if some of the servers are unavailable. In this paper, we give the system architecture and implementation details. Our experimental results show that the described system works well. The given system can be used to build intrusion-tolerant applications.
File Format	PDF
Access Restriction	Open
Subject Keyword	Intrusion-tolerant Password Authentication System Described System User Password Off-line Dictionary Attack User Authentication Password Authentication System Shared Pvd Implementation Detail Attacker Dictionary Verification Data Threshold Number Share Password Verification Data Server Compromise Intrusion-tolerant Application Password-based Authentication System
Content Type	Text

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in