Return to search

Vulnerabililty Analysis of Multi-Factor Authentication Protocols

In this thesis, the author hypothesizes that the use of computationally intensive mathematical operations in password authentication protocols can lead to security vulnerabilities in those protocols. In order to test this hypothesis: 1. A generalized algorithm for cryptanalysis was formulated to perform a clogging attack (a formof denial of service) on protocols that use computationally intensive modular exponentiation to guarantee security. 2. This technique was then applied to cryptanalyze four recent password authentication protocols, to determine their susceptibility to the clogging attack. The protocols analyzed in this thesis differ in their usage of factors (smart cards, memory drives, etc.) or their method of communication (encryption, nonces, timestamps, etc.). Their similarity lies in their use of computationally intensivemodular exponentiation as amediumof authentication. It is concluded that the strengths of all the protocols studied in this thesis can be combined tomake each of the protocols secure from the clogging attack. The conclusion is supported by designing countermeasures for each protocol against the clogging attack.

Identiferoai:union.ndltd.org:unf.edu/oai:digitalcommons.unf.edu:etd-1698
Date01 January 2016
CreatorsGarrett, Keith
PublisherUNF Digital Commons
Source SetsUniversity of North Florida
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceUNF Theses and Dissertations

Page generated in 0.0017 seconds