Infinite alphabet passwords-a unified model for a class of authentication systems
AffiliationUniversity of Bedfordshire
MetadataShow full item record
Other TitlesProceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
AbstractIn the paper we propose a formal model for class of authentication systems termed, “Infinite Alphabet Password Systems” (IAPs). We define such systems as those that use a character set for the construction of the authentication token that is theoretically infinite, only bound by practical implementation restrictions. We find that the IAP architecture can feasibly be adapted for use in many real world situations, and may be implemented using a number of system architectures and cryptographic protocols. A security analysis is conducted on an implementation of the model that utilizes images for its underlying alphabet. As a result of the analysis we find that IAPs can offer security benefits over traditional alphanumeric password schemes. In particular some of the significant problems concerning phishing, pharming, replay, dictionary and offline brute force attacks are mitigated.
CitationGibson M, Conrad M, Maple C (2010) 'Infinite alphabet passwords-a unified model for a class of authentication systems', 2010 International Conference on Security and Cryptography (SECRYPT) - Athens, SciTePress.
TypeConference papers, meetings and proceedings
The following license files are associated with this item:
- Creative Commons
Except where otherwise noted, this item's license is described as http://creativecommons.org/licenses/by-nc-nd/4.0/