Security Enhancement Using Two-Server Model
| Autor: | Anshu Malhotra, Abhinav Tyagi, Animesh Sit, Neeraj Dubey, Pranav Bhatia |
|---|---|
| Rok vydání: | 2014 |
| Předmět: |
Zero-knowledge password proof
Dictionary attack Salt (cryptography) Computer science computer.internet_protocol Computer security computer.software_genre Encryption One-time password Password strength S/KEY Brute-force attack Server Key stretching Syskey Microsoft Office password protection Password authentication protocol Key derivation function Password Password policy business.industry Rainbow table The Internet business computer Computer network |
| Zdroj: | International Journal of Innovative Research in Computer and Communication Engineering. :7178-7181 |
| ISSN: | 2320-9801 2320-9798 |
| Popis: | These days, most of the Internet Services use a single server model, where a single server is used to store the encrypted password. But, in case this server gets compromised, whole of the user’s data is lost. So, to address this problem we may use multiple servers to store a single user password. In this paper we present the technique of using two servers for storing the encrypted password. Here, firstly we are dividing the user’s password into two parts, then encrypting it and storing it into two separate servers. Further, the original password is retrieved by decrypting and combing the two parts of the password. Our system has a number of other features. Like in our system, only a front-end service server interacts directly with the users while a control server which does not interact with the user remains behind the scene; therefore, it can be directly implemented to strengthen the existing single-server password system that uses only a single server to store the password. In addition, the system is secure against various kinds of attack like the Brute Force Attack which may be either Dictionary attack or exhaustive search. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|