PAKE-based mutual HTTP authentication for preventing phishing attacks

14 years 5 months ago

Download www2009.eprints.org

We developed a new Web authentication protocol with passwordbased mutual authentication which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if a dictionary attack is employed, and prevents phishers from imitating a false sense of successful authentication to users. The protocol is designed considering interoperability with many recent Web applications which requires many features which current HTTP authentication does not provide. The protocol is proposed as an Internet Draft submitted to IETF, and implemented in both server side (as an Apache extension) and client side (as a Mozilla-based browser and an IE-based one). Categories and Subject Descriptors: K.6.5 [Management of Computing and Information Systems]: Security and Protection-Authentication General Terms: Security, Standardization.

Yutaka Oiwa, Hiromitsu Takagi, Hajime Watanabe, Hi

Real-time Traffic

Current Http Authentication | Internet Technology | Passwordbased Mutual Authentication | Web Authentication Protocol | WWW 2009 |

claim paper

» Phoolproof Phishing Prevention

» SPP An antiphishing single password protocol

Post Info
More Details (n/a)

Added	21 Nov 2009
Updated	21 Nov 2009
Type	Conference
Year	2009
Where	WWW
Authors	Yutaka Oiwa, Hiromitsu Takagi, Hajime Watanabe, Hirofumi Suzuki

Comments (0)

Sciweavers

PAKE-based mutual HTTP authentication for preventing phishing attacks

Current Http Authentication | Internet Technology | Passwordbased Mutual Authentication | Web Authentication Protocol | WWW 2009 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers