Sciweavers

WWW
2009
ACM

PAKE-based mutual HTTP authentication for preventing phishing attacks

15 years 5 days ago
PAKE-based mutual HTTP authentication for preventing phishing attacks
We developed a new Web authentication protocol with passwordbased mutual authentication which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if a dictionary attack is employed, and prevents phishers from imitating a false sense of successful authentication to users. The protocol is designed considering interoperability with many recent Web applications which requires many features which current HTTP authentication does not provide. The protocol is proposed as an Internet Draft submitted to IETF, and implemented in both server side (as an Apache extension) and client side (as a Mozilla-based browser and an IE-based one). Categories and Subject Descriptors: K.6.5 [Management of Computing and Information Systems]: Security and Protection-Authentication General Terms: Security, Standardization.
Yutaka Oiwa, Hiromitsu Takagi, Hajime Watanabe, Hi
Added 21 Nov 2009
Updated 21 Nov 2009
Type Conference
Year 2009
Where WWW
Authors Yutaka Oiwa, Hiromitsu Takagi, Hajime Watanabe, Hirofumi Suzuki
Comments (0)