Published by: ijcsis on Jun 12, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See More
See less

06/12/2010

pdf

text

original

 
 
Robust Resilient Two Server Password Authentication Vs Single Server

T.S. Thangavel, Department of M.Sc (IT), K.S.Rangasamy College of Technology, Tiruchengode, Tamilnadu, India
Dr. A. Krishnan, Department of Electronic and Communication Engg., K.S.Rangasamy College of Technology, Tiruchengode, Tamilnadu, India
Abstract

When the authentication system stores the password on a single central server, an intruder who obtains that password can easily gain access to the user's content. In multi-server systems the user communicates with several or all of the servers for authentication; this requires high communication bandwidth, is not easy to maintain, and the protocols are highly expensive. The Two Server Authentication System avoids this problem: it uses passwords and session keys rather than relying on public key cryptographic techniques. It consists of two servers, a front end server and a back end server. The front end server communicates with the user, whereas the back end control server is visible only to the service server. These two servers are jointly responsible for the authentication. The password is split into two parts, one held by the service server and the other by the control server, and both servers take part in validation. The system is efficient in both computation and communication. The servers can also be used for multiple clients and compared against single server systems.

Keywords: Password Authentication, Two Server Password, Cryptosystem, Single Server Secure Password, Service Server, Control Server.
I. INTRODUCTION
Multi-user systems require users to provide their passwords along with their user identification. The password serves to authenticate the ID of the individual logging on to the system. This is required to determine if the user is authorized to gain access to the system. This ID also determines the privileges accorded to the user. Short secrets are convenient, particularly for an increasingly mobile user population. Many users are interested in employing a variety of computing devices with different forms of connectivity and different software platforms. Such users often find it convenient to authenticate by means of passwords and short secrets, to recover lost passwords by answering questions, and to make similar use of relatively weak secrets.

Most password-based user authentication systems place total trust in the authentication server, where passwords or easily derived password verification data are stored in a central database. These systems could be easily compromised by offline dictionary attacks initiated at the server side. Compromise of the authentication server by either outsiders or insiders exposes all user passwords and may have serious consequences. To overcome these problems of the single server system, many systems have been proposed, such as multi-server systems, combined public key cryptography and password systems, threshold password authentication systems, and two server password authentication systems.

The proposed work continues the line of research on the two-server paradigm in [10], [11], extends the model by imposing different levels of trust upon the two servers, and adopts a very different method at the technical level in the protocol design. As a result, we propose a practical two-server password authentication and key exchange system that is secure against offline dictionary attacks by servers when they are controlled by adversaries. The proposed scheme is a password-only system in the sense that it requires no public key cryptosystem and, thus, no PKI.
This makes the system very attractive considering that PKIs are proven notoriously expensive to deploy in the real world. Moreover, the proposed system is particularly suitable for resource-constrained users due to its efficiency in terms of both computation and communication. The paper generalizes the basic two-server model to an architecture of a single back-end server supporting multiple front-end servers and envisions interesting applications in federated enterprises.

(IJCSIS) International Journal of Computer Science and Information Security, Vol. 8, No. 2, May 2010, p. 231, http://sites.google.com/site/ijcsis/, ISSN 1947-5500
II. LITERATURE REVIEW
Public key techniques are absolutely necessary to make password systems secure against offline dictionary attacks, whereas the involvement of public key cryptosystems under a PKI (e.g., public key encryption and digital signature schemes) is not essential. There are two separate approaches to the development of secure password systems: one is a combined use of a password and a public key cryptosystem under a PKI, and the other is a password-only approach. In the former systems, the use of public keys entails the deployment and maintenance of a PKI for public key certification and adds to users the burden of checking key validity. To eliminate this drawback, password-only protocols (password authenticated key exchange, or PAKE) have been extensively studied, e.g., [2], [3], [4]. The PAKE protocols do not involve any public key cryptosystem under a PKI and, therefore, are much more attractive for real-world applications. Any use of a public key cryptosystem under a PKI in a password authentication system should be avoided since, otherwise, the benefits brought by the use of passwords would be counteracted to a great extent.

Most of the existing password systems were designed over a single server, where each user shares a password or some password verification data (PVD) with a single authentication server (e.g., [2], [3], [4]). These systems are essentially intended to defeat offline dictionary attacks by outside attackers and assume that the server is completely trusted in protecting the user password database. Unfortunately, attackers in practice take on a variety of forms, such as hackers, viruses, worms, accidents, mis-configurations, and disgruntled system administrators. As a result, no security measures and precautions can guarantee that a system will never be penetrated. Once an authentication server is compromised, all the user passwords or PVD fall into the hands of the attackers, who are then definitely effective in offline dictionary attacks against the user passwords.

To eliminate this single point of vulnerability inherent in single-server systems, password systems based on multiple servers were proposed. The principle is to distribute the password database as well as the authentication function to multiple servers so that an attacker is forced to compromise several servers to be successful in offline dictionary attacks. The system in [6], believed to be the first multiserver password system, splits a password among multiple servers. However, the servers in [6] need to use public keys. An improved version of [6] was proposed in [7], which eliminates the use of public keys by the servers. Further and more rigorous extensions were due to [8], where the former built a t-out-of-n threshold PAKE protocol and provided a formal security proof under the random oracle model [5] and the latter presented two provably secure threshold PAKE protocols under the standard model. While the protocols are theoretically significant, they have low efficiency and high operational overhead. In these multi-server password systems, either the servers are equally exposed to the users and a user has to communicate in parallel with several or all servers for authentication, or a gateway is introduced between the users and the servers.

Recently, Brainard et al. [1] proposed a two-server password system in which one server exposes itself to users and the other is hidden from the public. While this two-server setting is interesting, it is not a password-only system: both servers need to have public keys to protect the communication channels from users to servers. As we have stressed earlier, this makes it difficult to fully enjoy the benefits of a password system. In addition, the system in [1] only performs unilateral authentication and relies on the Secure Socket Layer (SSL) to establish a session key between a user and the front-end server. Subsequently, Yang et al. [9] extended and tailored this two-server system to the context of federated enterprises, where the back-end server is managed by an enterprise headquarters and each affiliating organization operates a front-end server. An improvement made in [9] is that only the back-end server holds a public key. Nevertheless, the system in [9] is still not a password-only system.
III. MODES OF SERVER PASSWORD AUTHENTICATION MODELS

In the single-server model, as shown in Fig 1, a single server is involved and it keeps a database of user passwords. Most of the existing password systems follow this single-server model, but the single server results in a single point of vulnerability in terms of offline dictionary attacks against the user password database.
Fig 1: Single Server Password model
In the multi-server model, the server side comprises multiple servers for the purpose of removing the single point of vulnerability; the servers are equally exposed to users and a user has to communicate in parallel with several or all servers for authentication. The main problem with the plain multi-server model is the demand on communication bandwidth and the need for synchronization at the user side, since a user has to engage in simultaneous communications with multiple servers. This may cause problems for resource-constrained mobile devices such as hand phones and PDAs.
Fig 2: Gateway Augmented Multi-server model
In the gateway augmented multi-server model, as shown in Fig 2, a gateway is positioned as a relaying point between users and servers and a user only needs to contact the gateway. Apparently, the introduction of the gateway removes the demand for simultaneous communications by a user with multiple servers as in the plain multi-server model. However, the gateway introduces an additional layer in the architecture, which appears "redundant" since the purpose of the gateway is simply to relay messages between users and servers, and it is not in any way involved in service provision, authentication, or other security enforcement. From a security perspective, more components generally imply more points of vulnerability.

Fig 3: Two server model

The two-server model comprises two servers at the server side, one of which is a public server exposing itself to users and the other of which is a back-end server staying behind the scene; users contact only the public server, but the two servers work together to authenticate users. The differences between the two-server model and the earlier multi-server models are:

a) In the two-server model, a user ends up establishing a session key only with the public server, and the role of the back-end server is merely to assist the public server in user authentication, while in the multi-server models a user establishes a session key (either different or the same) with each of the servers.

b) From a security point of view, servers in the multi-server models are equally exposed to outside attackers (recall that the gateway in the gateway augmented multi-server model does not enforce security), while in the two-server model only the public server faces such a problem. This improves the server side security and the overall system security in the two-server model.

In the two-server model, different levels of trust upon the two servers with respect to outside attackers can be assumed. The back-end server is more trustworthy than the public server. This is logical since the back-end server is located in the back end and is hidden from the public, and it is thus less likely to be attacked. The two-server model has successfully eliminated the drawbacks in the plain multi-server model (i.e., simultaneous communications between a user and multiple servers) and the gateway augmented multi-server model (i.e., redundancy) while allowing us to distribute user passwords and the authentication functionality to two servers in order to eliminate the single point of vulnerability in the single-server model. As a result, the two-server model appears to be a sound model for practical applications.

The existing systems upon the two-server model do not suffice, which in turn motivated us to present a password-only system over the two-server model. In the proposed system, the public server acts as a service server that provides application services, while the back-end server is a control server whose sole purpose is to assist the service server in user authentication (the service server, of course, also participates in user authentication). In the plain multi-server model and the gateway augmented multi-server model, several or all servers equally participate in service provision as well as user authentication, which is implied by the fact that a user negotiates a session key with each server. The two-server model is generalized to an architecture in which one control server supports multiple service servers.
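The following Python sketch is an added illustration, not the paper's protocol, of the storage property that motivates the two-server model above: the user's password verification data is split into two shares, one held by the service server (SS) and the other by the control server (CS), the user talks only to SS, and a compromise of either database alone gives an offline dictionary attacker nothing to test guesses against, whereas a single-server verifier confirms the correct guess immediately. All class and function names, the XOR split, the SHA-256 digest and the sample user data are constructed for this example; the candidate password is assumed to reach SS over an already-protected channel, since the paper's password-only key exchange is not reproduced here.

```python
import hashlib
import hmac
import secrets

# Added illustration (not the paper's protocol): models only how password
# verification data is divided between the service server (SS) and the control
# server (CS). The online key-exchange step of the paper is not modelled.

DIGEST_LEN = 32  # SHA-256 output size, so the two XOR shares line up byte for byte


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _pwd_digest(username: str, password: str) -> bytes:
    # The username acts as a per-user salt so equal passwords give different digests.
    return hashlib.sha256(username.encode() + b"\x00" + password.encode()).digest()


class SingleServer:
    """Single-server model: the complete verifier sits in one database."""

    def __init__(self):
        self.db = {}

    def register(self, user: str, password: str) -> None:
        self.db[user] = _pwd_digest(user, password)

    def login(self, user: str, password: str) -> bool:
        stored = self.db.get(user)
        return stored is not None and hmac.compare_digest(stored, _pwd_digest(user, password))


class ControlServer:
    """Back-end server: reachable only by the service server, never by users."""

    def __init__(self):
        self.db = {}

    def store_share(self, user: str, share: bytes) -> None:
        self.db[user] = share

    def check(self, user: str, candidate_xor_ss_share: bytes) -> bool:
        # Equal iff digest(candidate) XOR ss_share == cs_share, i.e. iff the
        # candidate password reproduces the digest registered at enrolment.
        stored = self.db.get(user)
        return stored is not None and hmac.compare_digest(stored, candidate_xor_ss_share)


class ServiceServer:
    """Front-end server: the only component users ever talk to."""

    def __init__(self, control_server: ControlServer):
        self.cs = control_server
        self.db = {}

    def register(self, user: str, password: str) -> None:
        ss_share = secrets.token_bytes(DIGEST_LEN)  # uniformly random, independent of the password
        cs_share = _xor(_pwd_digest(user, password), ss_share)
        self.db[user] = ss_share
        self.cs.store_share(user, cs_share)

    def login(self, user: str, password: str) -> bool:
        ss_share = self.db.get(user)
        if ss_share is None:
            return False
        return self.cs.check(user, _xor(_pwd_digest(user, password), ss_share))


def leaked_entry_consistent_with(leaked_entry: bytes, user: str, candidate: str, two_server: bool) -> bool:
    """Does a leaked database entry confirm `candidate` as the user's password?

    Single-server: the entry is the digest itself, so exactly the right guess matches.
    Two-server: one share is uniformly random; for every candidate there is a
    counterpart share that completes it, so the leaked share rules nothing out.
    """
    if not two_server:
        return hmac.compare_digest(leaked_entry, _pwd_digest(user, candidate))
    counterpart = _xor(_pwd_digest(user, candidate), leaked_entry)
    return len(counterpart) == DIGEST_LEN  # always completable, hence always True


def demo() -> dict:
    # Constructed sample data.
    user, password, wrong = "alice", "correct horse", "wrong horse"
    single = SingleServer()
    single.register(user, password)
    cs = ControlServer()
    ss = ServiceServer(cs)
    ss.register(user, password)
    return {
        "single_login_ok": single.login(user, password),
        "single_login_bad": single.login(user, wrong),
        "two_login_ok": ss.login(user, password),
        "two_login_bad": ss.login(user, wrong),
        "single_leak_confirms_real": leaked_entry_consistent_with(single.db[user], user, password, False),
        "single_leak_confirms_wrong": leaked_entry_consistent_with(single.db[user], user, wrong, False),
        "ss_leak_confirms_real": leaked_entry_consistent_with(ss.db[user], user, password, True),
        "ss_leak_confirms_wrong": leaked_entry_consistent_with(ss.db[user], user, wrong, True),
        "cs_leak_confirms_wrong": leaked_entry_consistent_with(cs.db[user], user, wrong, True),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running `demo()` shows both models accepting the right password and rejecting the wrong one, but only the single-server entry distinguishes the real password from a wrong guess; either two-server share is consistent with every guess, which is the "no single point of vulnerability" argument of this section. The check on CS runs over the XOR-combined value so that the service server never needs to hold the full digest.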
IV. FUNCTIONAL ARCHITECTURE OF TWO SERVER PASSWORD AUTHENTICATION SYSTEM

Three types of entities are involved in our system, i.e., users, a service server (SS) that is the public server in the two server model, and a control server (CS) that is the back-end server. In this setting, users only communicate with SS and do not