Towards securing client-server connections against man-in-the-middle attacks
| Autor: | Mircea Giurgiu, Mihai Ordean |
|---|---|
| Rok vydání: | 2012 |
| Předmět: |
Challenge-Handshake Authentication Protocol
Public key certificate business.industry Computer science Multi-factor authentication Computer security computer.software_genre NTLMSSP Internet Authentication Service Authentication protocol Challenge–response authentication business computer Data Authentication Algorithm Computer network |
| Zdroj: | 2012 10th International Symposium on Electronics and Telecommunications. |
| DOI: | 10.1109/isetc.2012.6408076 |
| Popis: | This paper presents the design concept for an authentication string that makes use of the server's public key and provides client's authenticity through its password without the need of a client side certificate or a second channel. Successful strategies for preventing man-in-the middle attacks are currently relying either on two channel/two factor authentication or two-way encryption. Both these strategies have their downsides, the first one requires users to carry a physical device for authentication and the second requires all the devices that connect to the server have encryption certificates. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|