REVIEW ON CLOUD SERVER SECURITY USING PASSWORD AUTHENTICATED KEY EXCHANGE

Authors

  • Payal Rani Research Scholar, Department of CSA, CDLU Sirsa
  • Monika Bansal Assistant Professor, Deptt. Of CSA ,CDLU ,Sirsa

Keywords:

authentication, Limitation, malicious

Abstract

Battle between ethical or white hat Security hackers and malicious or black hat Security hackers is a long war, which has no end. While ethical Security hacker help to understand companies’ their System security needs, malicious Security hackers intrudes illegally and harm network for their personal benefits. objective Enhancement of Password Authentication system is to prevent Security hacker’s Attack make remote servers more secure.It is necessary to keep password safe and secure. There may be a chance to hack password by outside onlookers to access data provided by user. So, it is necessary to follow techniques to preserve password from onlookers to hack it. Several techniques are used here for password authentication. Public Key Info systems is one of technique used under public key infrastructure in which public keys are used to create to avoid password hacking. Limitation of this system is that user has to check validity of key each and every time in password system. It consumes more time for execution. Then, another system called Password only protocols or Password Authenticated Key Exchange or PAKE which does use public key system for password authentication. So, it is easy for users to use this system for real world applications.

References

Boyko, V.; P. MacKenzie; S. Patel (2000). "Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman". Advances in Cryptology -- Eurocrypt 2000, LNCS. Lecture Notes in Computer Science (Springer-Verlag) 1807: 156. doi:10.1007/3-540-45539-6_12. ISBN 978-3-540-67517-4.

Abdalla, M.; D. Pointcheval (2005). "Simple Password-Based Encrypted Key Exchange Protocols" (PDF). Topics in Cryptology – CT-RSA 2005. Lecture Notes in Computer Science (Springer Berlin Heidelberg) 3376: 191–208. doi:10.1007/978-3-540-30574-3_14. ISBN 978-3-540-24399-1.

Bellare, M.; D. Pointcheval; P. Rogaway (2000). "Authenticated Key Exchange Secure against Dictionary Attacks". Advances in Cryptology -- Eurocrypt 2000 LNCS. Lecture Notes in Computer Science (Springer-Verlag) 1807: 139. doi:10.1007/3-540-45539-6_11. ISBN 978-3-540-67517-4.

Bellovin, S. M.; M. Merritt (May 1992). "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks". Proceedings of the I.E.E.E. Symposium on Research in Security and Privacy (Oakland): 72. doi:10.1109/RISP.1992.213269. ISBN 0-8186-2825-1.

Ford, W.; B. Kaliski (14–16 June 2000). "Server-Assisted Generation of a Strong Secret from a Password". Proceedings of the IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (Gaithersburg MD: NIST): 176. doi:10.1109/ENABL.2000.883724. ISBN 0-7695-0798-0.

Goldreich, O.; Y. Lindell (2001). "Session-Key Generation Using Human Passwords Only". Advances in Cryptology -- Crypto 2001 LNCS (Springer-Verlag) 2139.

"IEEE Std 1363.2-2008: IEEE Standard Specifications for Password-Based Public-Key Cryptographic Techniques". IEEE. 2009.

Katz, J.; R. Ostrovsky; M. Yung (2001). "Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords" 2045. Springer-Vergal.

T. Wu. The SRP-3 Secure Remote Password Protocol. IETF RFC 2945.

D. Taylor, T. Wu, N. Mavrogiannopoulos, T. Perrin. Using the Secure Remote Password (SRP) Protocol for TLS Authentication. IETF RFC 5054

Downloads

Published

30-09-2016

How to Cite

Payal Rani, & Monika Bansal. (2016). REVIEW ON CLOUD SERVER SECURITY USING PASSWORD AUTHENTICATED KEY EXCHANGE. International Journal for Research Publication and Seminar, 7(6), 36–40. Retrieved from https://jrps.shodhsagar.com/index.php/j/article/view/902

Issue

Section

Original Research Article