Special Issue Article
Improving Service Credibility in Password-Authenticated Peer Services
In two-server password-based authenticated key exchange (two-server PAKE) protocols, two servers cooperate to authenticate a client on the basis of a password only, so that if one server is compromised by an insider attack or a denial-of-service attack (DDoS), the attacker cannot impersonate the client using the information held by the compromised server. Recent advances in password-based authentication follow two models. The first, the PKI-based model, assumes that the client holds the server's public key in addition to sharing a password with the server; the client can then send the password to the server under public-key encryption. The second, the password-only model, follows encrypted key exchange (EKE) protocols, in which the password is used as a secret key to encrypt random values for the purpose of key exchange. We present a password-only authentication protocol that is both practical and provably secure under a cryptographic assumption. Our protocol is symmetric and can run in parallel to establish separate secret session keys between the client and each of the two servers. If one of the two servers is shut down by a denial-of-service attack, the other server can continue to provide service to authenticated clients. In terms of parallel computation and reliable service, a symmetric protocol is therefore superior to an asymmetric one.
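As an added illustration (not code from the paper, and not the paper's protocol), the following Python shows the storage side of the two-server idea that the abstract relies on: at registration the password-derived value is split into two additive shares modulo a prime, one per server, so that the database of a single compromised server is statistically independent of the password and supports no offline guessing. The modulus, the salt, the SHA-256 mapping and all function names are assumptions of this example; the login-time cooperative protocol, which is the paper's contribution, is not reproduced here.

```python
import hashlib
import secrets
from typing import Tuple

# Modulus for the additive shares. A 127-bit Mersenne prime keeps the example
# readable; it is an assumption of this example, not a value from the paper,
# and a deployment would use a group of at least 256 bits.
Q = (1 << 127) - 1


def password_to_field(password: str, salt: bytes) -> int:
    """Map a password to a field element in [0, Q).

    SHA-256 stands in for a deliberately slow password hash; the mapping only
    needs to be deterministic so that registration and verification agree.
    """
    digest = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % Q


def register(password: str, salt: bytes) -> Tuple[int, int]:
    """Registration: split the password value into two additive shares.

    share1 is uniformly random and share2 = pw - share1 (mod Q). Server 1
    stores only share1, server 2 stores only share2; neither stores pw.
    """
    pw = password_to_field(password, salt)
    share1 = secrets.randbelow(Q)
    share2 = (pw - share1) % Q
    return share1, share2


def reconstruct(share1: int, share2: int) -> int:
    """Both shares together give back the password value; one alone does not."""
    return (share1 + share2) % Q


def both_servers_agree(attempt: str, salt: bytes, share1: int, share2: int) -> bool:
    """Accept the attempt only if the two shares combine to its field value.

    Shown here by plain reconstruction for clarity; a real two-server PAKE
    performs this comparison without either server ever reconstructing pw.
    """
    return reconstruct(share1, share2) == password_to_field(attempt, salt)


def consistent_peer_share(known_share: int, candidate: str, salt: bytes) -> int:
    """Given one server's share, return the peer share under which the
    candidate password would be the registered one.

    Such a peer share exists for every candidate, so a single share carries
    no information about the password: an attacker holding one server's
    database cannot rule out any guess offline.
    """
    return (password_to_field(candidate, salt) - known_share) % Q


if __name__ == "__main__":
    # Constructed sample values for a stand-alone run.
    salt = b"constructed-salt"
    s1, s2 = register("correct horse", salt)
    print("both servers accept the right password:",
          both_servers_agree("correct horse", salt, s1, s2))
    print("both servers reject a wrong password:",
          not both_servers_agree("wrong guess", salt, s1, s2))
    peer = consistent_peer_share(s1, "wrong guess", salt)
    print("server 1's share is consistent with the wrong guess too:",
          reconstruct(s1, peer) == password_to_field("wrong guess", salt))
```

The last check is the one that matters for the compromise scenario in the abstract: from share1 alone, every candidate password is equally plausible, which is exactly why the compromised server's data does not let the attacker pose as the client, whereas a conventional single-server verifier file would let its holder test guesses offline.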