Abstract

The username/password combination is currently the most commonly deployed authentication method for a large number of applications. Databases of stored credentials are a high-profile target for malicious attackers, who mount advanced attacks to break into servers in order to steal and crack password hashes. Consequently, relying on the classical authentication scheme may not usually be an effective way to protect users' accounts in the event of a security breach. In this article, we propose a novel secure authentication scheme named DePass to thwart dictionary, brute-force and rainbow-table attacks that aim at inverting password hashes. Our scheme provides a novel way of hashing by segmenting and mixing a SHA-2 password hash with a random SHA-2 hash to produce a single apparent hash with delimiters. The apparent hash is stored on the server, while the delimiters are sent to the user during the registration phase. The DePass authentication scheme is well-tailored to both user comfort and password security requirements.
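
A minimal sketch of the segment-and-mix idea the abstract describes, added here as an illustration and not the authors' DePass algorithm. The abstract does not specify the segment count, the mixing order, or the delimiter format, so the alternating layout, `n_segments`, and the `(start, end)` delimiter encoding below are assumptions, with SHA-256 standing in for SHA-2.

```python
import hashlib
import hmac
import secrets

HASH_LEN = 64  # hex digits in a SHA-256 digest


def _cuts(n_segments):
    """Random sorted cut points splitting 64 hex digits into n_segments pieces."""
    rng = secrets.SystemRandom()
    return [0] + sorted(rng.sample(range(1, HASH_LEN), n_segments - 1)) + [HASH_LEN]


def register(password, n_segments=4):
    """Return (apparent_hash, delimiters): the server stores the first,
    the user receives the second (assumed encoding: list of (start, end))."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    rnd_hash = hashlib.sha256(secrets.token_bytes(32)).hexdigest()
    pw_cuts, rnd_cuts = _cuts(n_segments), _cuts(n_segments)
    apparent, delimiters = "", []
    for i in range(n_segments):
        # A decoy segment from the random hash, then a real password-hash segment.
        apparent += rnd_hash[rnd_cuts[i]:rnd_cuts[i + 1]]
        start = len(apparent)
        apparent += pw_hash[pw_cuts[i]:pw_cuts[i + 1]]
        delimiters.append((start, len(apparent)))
    return apparent, delimiters


def verify(password, apparent, delimiters):
    """Rebuild the password hash from the delimited spans; constant-time compare."""
    candidate = "".join(apparent[s:e] for s, e in delimiters)
    expected = hashlib.sha256(password.encode()).hexdigest()
    return hmac.compare_digest(candidate, expected)
```

In this sketch the stored value is 128 hex digits, and without the delimiters the server-side record does not reveal which 64 of them belong to the password hash.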
