N2 & K and encrypts them using the hash of the password corresponding to the
received user name. This encrypted data is then sent to the prover.
The prover now decrypts the data using the hash of its own password as the key, extracts the
values of N1, N2 & K and verifies that the value of N1 received is the same as the one it
had sent to the verifier. The nonce N1 here is used only to avoid replay attacks. If
the received nonce and the generated nonce do not match, the received message is
discarded; otherwise the prover retrieves the session key K. The prover then applies the
transformation function to the nonce N2, encrypts the result with the received session key
and sends it to the verifier.
Once the verifier receives the encrypted message, it decrypts the message with
the session key it generated and compares the result with the expected value. If they match,
the user is allowed to log in to his account and access resources; otherwise access is denied. As
in CHAP, in ZK-PAP a series of challenges can be exchanged between the prover and
verifier throughout the session to verify that only an authorized person is logged in.
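The exchange described above, as an added example that is not part of the original text: both sides of ZK-PAP are simulated in one script. The authenticated encryption (a SHA-256 keystream plus an HMAC tag) is an assumed stand-in for the AES step, and the transformation function f(N2) is assumed to be a keyed hash, since the text does not fix either choice.

```python
import hashlib, hmac, os

def pw_hash(password):
    # Hash of the password; the server's password file holds only this value.
    return hashlib.sha256(password.encode()).digest()

def _stream(key, iv, n):
    blocks = (n + 31) // 32
    return b"".join(hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
                    for i in range(blocks))[:n]

def seal(key, data):
    # Assumed stand-in for the AES step: hash keystream plus an HMAC tag.
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, iv, len(data))))
    return iv + ct + hmac.new(key, iv + ct, "sha256").digest()

def unseal(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, "sha256").digest()):
        return None  # wrong key (wrong password) or tampered message
    return bytes(a ^ b for a, b in zip(ct, _stream(key, iv, len(ct))))

def transform(n2):
    # Assumed transformation function on N2 (the text leaves it unspecified).
    return hashlib.sha256(b"ZK-PAP" + n2).digest()

def verifier_challenge(pw_file, user, n1):
    # Verifier: fresh N2 and session key K, sealed under the stored password hash.
    n2, k = os.urandom(16), os.urandom(32)
    return seal(pw_file[user], n1 + n2 + k), (n2, k)

def prover_response(password, n1, blob):
    # Prover: decrypt with its own password hash, check N1 (anti-replay), answer with f(N2) under K.
    plain = unseal(pw_hash(password), blob)
    if plain is None or plain[:16] != n1:
        return None  # discard: wrong key or a replayed challenge
    n2, k = plain[16:32], plain[32:]
    return seal(k, transform(n2))

def verifier_check(state, response):
    # Verifier: decrypt with its own K and compare against the expected f(N2).
    n2, k = state
    got = unseal(k, response)
    return got is not None and hmac.compare_digest(got, transform(n2))

def run_zk_pap(pw_file, user, password):
    n1 = os.urandom(16)  # prover's nonce, sent together with the user name
    blob, state = verifier_challenge(pw_file, user, n1)
    resp = prover_response(password, n1, blob)
    return resp is not None and verifier_check(state, resp)
```

The password itself never leaves the prover; only values sealed under its hash or under K cross the wire, and a challenge captured from one session fails the N1 check in any later session.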
The main advantages of this protocol are as follows:
The authentication is done without the password ever travelling across the
wire.
The password in the password file on the server is stored in encrypted form, thus
making it less vulnerable to attacks.
The security of the protocol mainly depends on the strength of the encryption
algorithm being used. Thus using standard algorithms like AES, DES etc. will
provide a high degree of security to the protocol.
The use of a nonce at each step helps prevent replay attacks.
Here it is assumed that the security of the server is not compromised; otherwise the protocol
becomes vulnerable to attacks. In this protocol, a time stamp can also be used instead of a
nonce; however, that incurs the overhead of keeping all the communicating systems
synchronized in time.
Fig. 1. Zero Knowledge Password Authentication Protocol