A password-based authentication by splitting roles of user interface

Jung Seung Lee, Han Park, Gyeong Yong Bang, Joo Seok Song

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

Original languageEnglish
Title of host publicationCCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages1641-1643
Number of pages3
ISBN (Electronic)9781450338325
DOIs
Publication statusPublished - 2015 Oct 12
Event22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 - Denver, United States
Duration: 2015 Oct 122015 Oct 16

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
Volume2015-October
ISSN (Print)1543-7221

Other

Other22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015
CountryUnited States
CityDenver
Period15/10/1215/10/16

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

Lee, J. S., Park, H., Bang, G. Y., & Song, J. S. (2015). A password-based authentication by splitting roles of user interface. In CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 1641-1643). (Proceedings of the ACM Conference on Computer and Communications Security; Vol. 2015-October). Association for Computing Machinery. https://doi.org/10.1145/2810103.2810107