ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
PAKE-based mutual HTTP authentication for preventing phishing attacks
Full text PdfPdf (491 KB)
Source
International World Wide Web Conference archive
Proceedings of the 18th international conference on World wide web table of contents
Madrid, Spain
POSTER SESSION: Thursday, April 23, 2009 table of contents
Pages 1143-1144  
Year of Publication: 2009
ISBN:978-1-60558-487-4
Authors
Yutaka Oiwa  National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan
Hiromitsu Takagi  National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan
Hajime Watanabe  National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan
Hirofumi Suzuki  Yahoo! Japan, Inc., Tokyo, Japan
Sponsor
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 18,   Downloads (12 Months): 103,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1526709.1526898
What is a DOI?

ABSTRACT

We developed a new Web authentication protocol with password-based mutual authentication which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if a dictionary attack is employed, and prevents phishers from imitating a false sense of successful authentication to users. The protocol is designed considering interoperability with many recent Web applications which requires many features which current HTTP authentication does not provide. The protocol is proposed as an Internet Draft submitted to IETF, and implemented in both server side (as an Apache extension) and client side (as a Mozilla-based browser and an IE-based one).


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Y. Oiwa, H. Watanabe, H. Takagi and H. Suzuki, Mutual Authentication Protocol for HTTP Internet Draft available at https://datatracker.ietf.org/drafts/draft-oiwa-http-mutualauth/.

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.2 Network Protocols
          Subjects: Applications (SMTP, FTP, etc.)


General Terms:
Security, Standardization


Keywords:
http, mutual authentication, web systems

Collaborative Colleagues:
Yutaka Oiwa: colleagues
Hiromitsu Takagi: colleagues
Hajime Watanabe: colleagues
Hirofumi Suzuki: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player