Password-Based Mutual Authentication Protocol Against Phishing Attacks

KIPS Transactions on Computer and Communication Systems, Vol. 7, No.2, pp.41-48, February 2018
10.3745/KTCCS.2018.7.2.041, Full Text

Abstract

Until now, various studies on anti-phishing have been conducted. The most typical anti-phishing method is a method of collecting URL information of a phishing site in advance and then detecting phishing by comparing the URL of the visited site with the previously stored information. However, this blacklist-based anti-phishing method can not detect new phishing sites. For this reason, various anti-phishing authentication protocols have been proposed. but these protocols require a public key and a private key. In this paper, we propose a password-based mutual authentication protocol that is safe for phishing attacks. In the proposed protocol, the mutual authentication between the client and the server is performed through the authentication message including the password information. The proposed protocol is safe to eavesdropping attack because the authentication message uses the hash value of the password, not the original password, And it is safe to replay attack because different messages are used every time of authentication. In addition, since mutual authentication is performed, it is safe for man-in-the-middle attack. Finally, the proposed protocol does not require a key issuance process for authentication.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from October 15, 2016)

Multiple requests among the same browser session are counted as one view. If you mouse over a chart, the values of data points will be shown.


Cite this paper

[KIPS Transactions Style]
I. Kim and J. Choi, "Password-Based Mutual Authentication Protocol Against Phishing Attacks," KIPS Transactions on Computer and Communication Systems, Vol.7, No.2, pp.41-48, 2018, DOI: 10.3745/KTCCS.2018.7.2.041.

[IEEE Style]
Iksu Kim and Jongmyung Choi, "Password-Based Mutual Authentication Protocol Against Phishing Attacks," KIPS Transactions on Computer and Communication Systems, vol. 7, no. 2, pp. 41-48, 2018. DOI: 10.3745/KTCCS.2018.7.2.041.

[ACM Style]
Kim, I. and Choi, J. 2018. Password-Based Mutual Authentication Protocol Against Phishing Attacks. KIPS Transactions on Computer and Communication Systems, 7, 2, (2018), 41-48. DOI: 10.3745/KTCCS.2018.7.2.041.