Abstract:
The constant influence of passwords more than all other scheme of identity verification is a key discomfiture to security examiners. As web technologies are gaining more and more fame day by day but the persistent survival and replication of password authentication schemes generate difficulties for end users. After such a long age, still discussions over substitute schemes have not yet produced an ultimate solution. Leslie Lamport suggested the use of hash chains as password verifiers for identity verification over insecure network. Giving importance to the algorithm and structure used in these schemes, W. C. Ku in 2004 proposed a new protocol which has gained so much attraction from researchers till date. This protocol has been exploited and then improved many times. In this research, some attacks on its improved version of protocol have also been demonstrated. Many strong password authentication schemes have been proposed which are based on lamport’s method, but none is secure enough. The main aim of this research is to compile a framework for the assessment of hash based password authentication schemes. In this research, a review of strong password authentication schemes has been presented and a suitable new strong password authentication scheme based on lamport’s method of hash has been proposed that can fulfill highest possible level of desired criteria according to the framework. An analysis and comparisons of features and security of the proposed scheme with the existing schemes is also included in this research.
