On Compromising Password-Based Authentication over HTTPS

Vienna, Austria April 18-April 20

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/AINA.2006.244

20th International Conference on Adva ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Takamichi SAITO Articles by Ryosuke HATSUGAI Articles by Toshiyuki KIT0

	ASCII Text	x
	Takamichi SAITO, Ryosuke HATSUGAI, Toshiyuki KIT0, "On Compromising Password-Based Authentication over HTTPS," Advanced Information Networking and Applications, International Conference on, vol. 1, pp. 869-874, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06), 2006.

	BibTex	x
	@article{ 10.1109/AINA.2006.244, author = {Takamichi SAITO and Ryosuke HATSUGAI and Toshiyuki KIT0}, title = {On Compromising Password-Based Authentication over HTTPS}, journal ={Advanced Information Networking and Applications, International Conference on}, volume = {1}, year = {2006}, issn = {1550-445X}, pages = {869-874}, doi = {http://doi.ieeecomputersociety.org/10.1109/AINA.2006.244}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Advanced Information Networking and Applications, International Conference on TI - On Compromising Password-Based Authentication over HTTPS SN - 1550-445X SP869 EP874 A1 - Takamichi SAITO, A1 - Ryosuke HATSUGAI, A1 - Toshiyuki KIT0, PY - 2006 KW - null VL - 1 JA - Advanced Information Networking and Applications, International Conference on ER -

Takamichi SAITO, Meiji University, JAPAN

Ryosuke HATSUGAI, Meiji University, JAPAN

Toshiyuki KIT0, Meiji University, JAPAN

SSL (Secure Socket Layer) is one of the security protocols to achieve secure communications over a TCP/IP network. SSL has two types of authentication modes, Server Authentication mode and Client Authentication mode. The former is popular and facile to utilize, while the latter is secure enough owing to mutual authentication. However, when it was required to identify a client or its user, Server Authentication mode can be utilized with Basic Authentication which is authentacation with password to achieve mutual authentication. In this paper, we discuss the compromising of authentication using the password-based authentication over SSL. And we show the countermeasures against the attaclcs.

Citation:

Takamichi SAITO, Ryosuke HATSUGAI, Toshiyuki KIT0, "On Compromising Password-Based Authentication over HTTPS," aina, vol. 1, pp.869-874, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.