Abstract
Internet users usually subscribe to a few online services. Remembering a different password for each service becomes a burden and a challenge for some. As a result, many Internet users frequently use the same password for multiple accounts. This kind of practice is risky since each service has a different security level. For example, an online community site has a weaker security measure than an online bank site. If an attacker has compromised a lower security service and obtained the user’s password, the attacker may be able to identify other accounts and use the stolen password. Therefore, reusing passwords becomes a security risk, and is not generally recommended. This paper tries to mitigate the risk of reusing an identical password for multiple accounts by implementing a single password authentication protocol. The proposed protocol does not expose the user’s password in the event of the server or the communication line has been breached.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kim, J.J., Hong, S.P.: A method of risk assessment for multi-factor authentication. J. Inf. Process. Syst. 7(1), 187–198 (2011)
Stallings, W.: Cryptography and Network Security: Principles and Practice, 7th edn. Prentice Hall, Upper Saddle River (2016)
Kennedy, E., Millard, C.: Data security and multi-factor authentication: analysis of requirements under EU law and in selected EU member states. Comp. Law Secur. Rev. 32(1), 91–110 (2016)
Kuacharoen, P.: A practical customer privacy protection on shared servers. In: International Conference on Information Theory and Information Security (ICITIS), pp. 525–529 (2010)
Internet Security Glossary, IETF RFC 2828-2000
Liao, I., Lee, C., Hwang, M.: A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72, 727–740 (2006)
Ross, B., et al.: Stronger password authentication using browser extensions. In: 14th Usenix Security Symposium, pp. 17–31 (2005)
Gouda, M.G., et al.: SPP: an anti-phishing single password protocol. Comput. Netw. 51(13), 3715–3726 (2007). Elsevier
Acar, T., et al.: Single password authentication. Comput. Netw. 57(13), 2597–2614 (2013). Elsevier
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kuacharoen, P. (2017). Single Password Authentication Protocol. In: Park, J., Chen, SC., Raymond Choo, KK. (eds) Advanced Multimedia and Ubiquitous Engineering. FutureTech MUE 2017 2017. Lecture Notes in Electrical Engineering, vol 448. Springer, Singapore. https://doi.org/10.1007/978-981-10-5041-1_1
Download citation
DOI: https://doi.org/10.1007/978-981-10-5041-1_1
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-5040-4
Online ISBN: 978-981-10-5041-1
eBook Packages: EngineeringEngineering (R0)