¡@

Password authentication has always been a natural choice for remote access in many network applications. Although there have been many protocols of this kind exists today, few have seriously taken into account and exploited the duplex nature of modern communication networks. Given the capability to send and receive messages at the same time, it would be inefficient in terms of communication and computation resources for participants to wait for responses while doing nothing. There have also been a number of researches focus on parallelization of computations in step-oriented protocols. However, these protocols are often highly integrated and no modification is considered secure without rigorously analyze them again. Thus, system designers who have restrictions and policies set for by their institutions may find that incorporating these protocols a dreadful task. In this paper, we seek to identify the functional modules in password authentication schemes and give a general procedure for generating protocols with these modules. We also give a proof of security for the generalized protocol produced from the procedure. With modular and round-oriented design, we show that flexible infrastructure can be built to provide sound solutions to password authentication in a wide range of hardware/ software implementations and computing capabilities.

Keywords: password authentication, network security, authenticated key exchange, key distribution, cryptography, information system

Retrieve PDF document (200609_18.pdf)

Received June 17, 2004; revised November 16, 2004 & April 26, 2005; accepted November 2, 2005.
Communicated by Shiuhpyng Shieh.