OPTIMAL ANALYSIS OF A HYBRID AUTHENTICATION SYSTEM: WEB SECURITY VERSUS SYSTEM PERFORMANCE

Ben Soh, Aaron Joy

2004

Abstract

A web authentication system uses a number of functions to provide integrity of messages sent between the client and the web server. These include hash functions, public key encryption, and nonce length. In this paper, we present an optimal analysis of investigating the effects of some different parameters on the web security and performance of the authentication system. Our main aim is to devise a technique to achieve the best of both worlds: optimal web security and system performance. To the best of our knowledge, such approach is the first attempt to combine the two dependability attributes in a quantitative study.

References

  1. A Joy and B Soh, “A proposed secure TCP connectionoriented model for e-commerce systems,” Proceedings of International Conference on Internet and Multimedia Systems and Applications, Hawaii, Aug 12-14, pp 68-73, 2002.
  2. C. Kaufman, R. Perlman, and M. Speciner. Network Security Private Communications in a Public World, Prentice Hall 1995.
  3. A. Jones, “Password authentication with insecure communication,” ACM Communications, vol. 24, number 11, 1981, pp 12-21.
  4. N.Haller, C. Metz, P. Nesser, and M. Straw . “A OneTime Password System,” RFC2289, February 1998, http://www.ietf.org.
  5. C. I'Anson and C. Mitchell. “Security defects in CCITT recommendation X.509 - The directory authentication framework,” Computer Communications Review, pp 45-53, April 1990.
  6. A. Menezes, P. van Oorschot and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1996.
  7. R.Rivest, “The MD5 Message-Digest Algorithm”, Internet RFC 1321, April 1992.
  8. B. Preneel, and A. Bosselaers, “The Cryptographic Hash Function RIPEMD-160”, CryptoBytes, vol 3, no 2, Autumn 1997.
  9. National Institute of Standards and Technology, SECURE HASH STANDARD, FIPS PUB 180-1, 1995. February 13 2001 http://www.itl.nist.gov/fipspubs/fip180-1.htm.
  10. R. M. Needham , “Denial Of Service,” Proceedings of the 1st ACM conference on Computer and Communications Security, pp 151-153, November 3-5, 1993, Fairfax, VA USA.
  11. National Institute Of Standards and Technology, FIPS 112 - Password Usage. 1995. September 2001, http://www.itl.nist.gov/fipspubs/fip112.htm.
  12. D. Eastlake, S Crocker, and J Schiller, “Randomness Recommendations for Security”, rfc1750, http://www.i
  13. SHA-1 2.51701.00002.5170 SHA-1 3.33440.75002.5008 SHA-1 3.73550.57502.1479 SHA-1 3.69410.69252.5582 SHA-1 3.48430.66752.3258 SHA-1 3.20200.71752.2974 SHA-1 3.65360.70752.5849 SHA-1 3.46860.70752.4469 SHA-1 3.80660.40751.5512 RIPEND- 2.61570.85752.2430 160
  14. RIPEND- 3.32230.60752.0183 160
  15. RIPEND- 3.67650.43251.5901 160
  16. RIPEND- 3.79220.55002.0857 160
  17. RIPEND- 3.51740.52501.8467 160
  18. RIPEND- 3.10560.57501.7857 160
  19. RIPEND- 3.63630.56502.0545 160
  20. RIPEND- 3.51250.56501.9846 160
  21. RIPEND- 3.71750.26500.9851 160
  22. MD5 2.58870.79502.0580 MD5 3.35570.54501.8289 MD5 3.72720.37001.3791 MD5 3.77790.48751.8417 MD5 3.52490.46251.6302 MD5 3.19800.51251.6390 MD5 3.66700.50251.8427 MD5 3.50880.50251.7631 MD5 3.76930.20250.7632
Download


Paper Citation


in Harvard Style

Soh B. and Joy A. (2004). OPTIMAL ANALYSIS OF A HYBRID AUTHENTICATION SYSTEM: WEB SECURITY VERSUS SYSTEM PERFORMANCE . In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE, ISBN 972-8865-15-5, pages 281-286. DOI: 10.5220/0001383502810286


in Bibtex Style

@conference{icete04,
author={Ben Soh and Aaron Joy},
title={OPTIMAL ANALYSIS OF A HYBRID AUTHENTICATION SYSTEM: WEB SECURITY VERSUS SYSTEM PERFORMANCE},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE,},
year={2004},
pages={281-286},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001383502810286},
isbn={972-8865-15-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE,
TI - OPTIMAL ANALYSIS OF A HYBRID AUTHENTICATION SYSTEM: WEB SECURITY VERSUS SYSTEM PERFORMANCE
SN - 972-8865-15-5
AU - Soh B.
AU - Joy A.
PY - 2004
SP - 281
EP - 286
DO - 10.5220/0001383502810286