To search, Click below search items.


All Published Papers Search Service


Hash Based Quantum Key Web User Password Security in Two Server Systems


T.S.Thangavel, A. Krishnan


Vol. 10  No. 7  pp. 208-218


The authentication systems which uses passwords to authenticate their systems stores their password in a central server which is easily prone to attack and if they are being compromised by the intruder, it is possible for the intruder to obtain the password and gain access to the contents of the user. To overcome this problem, the multi-server systems were being proposed in which the user has to communicate in parallel with several or all of the servers for the purpose of authentication. Such system requires a large communication bandwidth and needs for synchronization at the user. The system is not easy to deploy and maintain or it requires the protocols which are quite expensive. To overcome these problems the two server authentication system proposed here uses only the passwords and the session keys rather than performing any cryptographic techniques. The two server system is particularly suitable for resource-constrained users due to its efficiency in terms of both computation and communication. With the itricate security principle of quantum theory and traditional public key model, integration is made to provide an improved security model for password authentication between the password exchange of two servers.The proposed work presented a user friendly secured password authentication system with two servers by applying quantum cryptographic. To start with, built user friendly browser extension password hash transparently produces a different password for each site, improving web password security. To improve the single server security issues, construct an efficient two server password authentication in terms of computation and communication. Finally quantum key cryptographic techniques are integrated to hash mechanism in two server authenticity to easily resist replay and passive attacks. User authentication and session key verification can be accomplished in one step without public discussions between a sender and receiver. The performance of integrated Quantum Key Distribution (QKD) systems and classical public key model have shown experimentally better performance in terms of computational efficiency and security rounds than traditional cryptic security model.


Hash function, Pseudo Random number, Service Server, Control server, Two Server Password Authentication, Quantum Key Distribution, Session Key