Authentication Protocols

In single password based anti-phishing protocol, client can use single password for different online accounts and that password can not be detected by any of the malicious servers or the attacker. Proposed cookies based and an inverse cookie based virtual password authentication protocols are very effective to thwart online dictionary attacks because the computation cost of login on to the web server increases exponentially with each login failure for an attacker. We proposed an efficient SSO password based two-server architecture in which the user has to login once to get a valid ticket. Improvements to several static and dynamic identity based authentication protocols have also been suggested. The proposed dynamic identity based authentication protocols aim to provide the privacy to the user's identity so that users are anonymous in communication channel. Also the concept of two- tier authentication for the client makes it difficult for an attacker to guess out the information pertaining to password and ticket. The work presented in this book is a step toward making e-commerce transactions more reliable and secure.