A Cryptographic Mutual Authentication Scheme for Web Applications

Yassine Sadqi; Ahmed Asimi; Younes Asimi

arXiv:1412.2908·cs.CR·December 10, 2014

A Cryptographic Mutual Authentication Scheme for Web Applications

Yassine Sadqi, Ahmed Asimi, Younes Asimi

PDF

TL;DR

This paper introduces StrongAuth, a cryptographic mutual authentication scheme for web applications that enhances security while maintaining user experience, addressing limitations of traditional password-based systems.

Contribution

The paper presents a novel cryptographic mutual authentication scheme, StrongAuth, that improves security and usability for web applications compared to existing password replacement methods.

Findings

01

StrongAuth resists various attacks.

02

It preserves user experience similar to password authentication.

03

Security analysis confirms robustness of the scheme.

Abstract

The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication scheme called StrongAuth which preserves most password authentication advantages and simultaneously improves security using cryptographic primitives. Our scheme not only offers webmasters a clear framework which to build secure user authentication, but it also provides almost the same conventional user experience. Security analysis shows that the proposed scheme fulfills the required user authentication security benefits, and can resist various possible attacks.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.