the basic two-server model to architecture of asingle back-end server supporting multiple front-end servers and envision interesting applications infederated enterprises.
II. LITERATURE REVIEW
Public key techniques are absolutelynecessary to make password systems secure againstoffline dictionary attacks, whereas the involvementof public key cryptosystems under a PKI (e.g.,public key encryption and digital signatureschemes) is not essential. There are two separateapproaches to the development of secure passwordsystems one is a combined use of a password andpublic key cryptosystem under a PKI, and the otheris a password only approach. In these systems, theuse of public keys entails the deployment andmaintenance of a PKI for public key certificationand adds to users the burden of checking keyvalidity. To eliminate this drawback, password-only protocols (password authenticated keyexchange or PAKE) have been extensively studied,e.g., , , . The PAKE protocols do notinvolve any public key cryptosystem under a PKIand, therefore, are much more attractive for real-world applications. Any use of public keycryptosystem under a PKI in a passwordauthentication system should be avoided since,otherwise, the benefits brought by the use of password would be counteracted to a great extent.Most of the existing password systemswere designed over a single server, where each usershares a password or some password verificationdata (PVD) with a single authentication server(e.g., , ,  ). These systems are essentiallyintended to defeat offline dictionary attacks byoutside attackers and assume that the sever iscompletely trusted in protecting the user passworddatabase. Unfortunately, attackers in practice takeon a variety of forms, such as hackers, viruses,worms, accidents, mis-configurations, anddisgruntled system administrators. As a result, nosecurity measures and precautions can guaranteethat a system will never be penetrated. Once anauthentication server is compromised, all the userpasswords or PVD fall in the hands of theattackers, who are definitely effective in offlinedictionary attacks against the user passwords. Toeliminate this single point of vulnerability inherentin the single-server systems, password systemsbased on multiple servers were proposed. Theprinciple is distributing the password database aswell as the authentication function to multipleservers so that an attacker is forced to compromiseseveral servers to be successful in offline dictionaryattacks.The system in , believed to be the firstmultiserver password system, splits a passwordamong multiple servers. However, the servers in need to use public keys. An improved versionof  was proposed in , which eliminates theuse of public keys by the servers. Further and morerigorous extensions were due to , where theformer built a t-out-of-n threshold PAKE protocoland provided a formal security proof under therandom oracle model  and the latter presentedtwo provably secure threshold PAKE protocolsunder the standard model. While the protocols aretheoretically significant, they have low efficiencyand high operational overhead. In these multi-server password systems, either the servers areequally exposed to the users and a user has tocommunicate in parallel with several or all serversfor authentication, or a gateway is introducedbetween the users and the servers.Recently, Brainard et al.  proposed atwo-server password system in which one serverexposes itself to users and the other is hidden fromthe public. While this two-server setting isinteresting, it is not a password-only system: Bothservers need to have public keys to protect thecommunication channels from users to servers. Aswe have stressed earlier, this makes it difficult tofully enjoy the benefits of a password system. Inaddition, the system in  only performs unilateralauthentication and relies on the Secure SocketLayer (SSL) to establish a session key between auser and the front-end server. Subsequently, Yanget al.  extended and tailored this two-serversystem to the context of federated enterprises,where the back-end server is managed by anenterprise headquarters and each affiliatingorganization operates a front-end server. Animprovement made in  is that only the back-endserver holds a public key. Nevertheless, the systemin  is still not a password-only system.
III. MODES OF SERVER PASSWORDAUTHENTICATION MODELS
In the single-server model as shown infig1, where a single server is involved and it keepsa database of user passwords. Most of the existingpassword systems follow this single-server model,but the single server results in a single point of vulnerability in terms of offline dictionary attacksagainst the user password database.
Fig 1: Single Server Password model
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 2, May 2010232http://sites.google.com/site/ijcsis/ISSN 1947-5500