Secure Encryption scheme with key exchange for Two server Architecture

TL;DR

This paper proposes a secure distributed authentication scheme using multiple servers and hash-based password storage, enhancing security even if one server is compromised, through a novel key exchange mechanism with nonce-based two-level security.

Contribution

It introduces a multi-server architecture for password storage and key exchange, improving security and resilience against attacks compared to traditional single-server systems.

Findings

Passwords stored as hashes on multiple servers increase security.

Nonce-based two-level security mechanism restricts attacker access.

System maintains security even if one server is compromised.

Abstract

In the distributed environment, authentication and key exchange mechanisms play a major role. In general, for authentication, the client and the server mutually exchange a common cryptographic key. In earlier, passwords were stored on a single server. If an intruder gains access to the server by using some malicious attacks, then all the passwords stored in the database be compromised. So the e-commerce application security is endangered. In order to improve the efficiency and performance of the authentication scheme, we introduce multiple servers to store the passwords and participate in the key exchange and authentication schemes. This ensures entire systems' security even if a single server is compromised. The randomly generated nonce for each session corresponding to two-level security mechanism where the scope of an attacker pretends as legitimate user and login to the system is completely restricted. In this method, passwords are stored in their equivalent hash values and stored on multiple servers. This makes the attacker difficult to reverse engineer and intercept to determine the password even from segments of hash value. In this paper, we model a safe and secure password-based authentication scheme using a key exchange.