Full Program »
Towards Practical Anonymous Password Authentication
Final Paper 894KB | Presentation 215KB |
Yanjiang Yang
Institute for Infocomm Research
Singapore
Jianying Zhou
Institute for Infocomm Research
Singapore
Jun Wen Wong
Institute for Infocomm Research
Singapore
Feng Bao
Institute for Infocomm Research
Singapore
Abstract:
The conventional approach for anonymous password authentication
incurs O(N) server computation, linear to the total number of users. In ACSAC'09, Yang et al. proposed a new approach for anonymous password authentication, breaking this lower bound. However, Yang et al.'s scheme has not considered membership withdrawal and online guessing attacks, two issues must be addressed before anonymous password authentication is acceptable for practical use. Thus our main
thrust in this work is to provide solutions to these issues. We do not just work upon Yang et al.'s scheme; rather, we use a set of different primitives, and as a result, our scheme has much better performance. We prove the security of our scheme. Furthermore, we empirically evaluate the efficiency of our scheme, and implement a proof-of-concept prototype.