TY - GEN
T1 - A Study on Kerberos and Graphical Password-Based Web Authentication Scheme
AU - Murugan, Thangavel
AU - Sikdar, Sagar
AU - Semwal, Mihir
AU - Indira, K.
N1 - Publisher Copyright: © 2024, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
PY - 2024
Y1 - 2024
N2 - Web authentication methods are subject to several attacks due to the rapid expansion of information technology. It is apparent that the evolution of authentication-bypassing strategies, from brute force to dictionary attacks, will advance. Simple word lists, for instance, are employed in traditional dictionary attacks to crack commonly used usernames and passwords. Robust hashing methods can be used to safeguard credentials sent via an insecure communication channel. However, hackers have created a novel hybrid method called a ‘rainbow attack’ that is like dictionary attacks but focuses on password hashes. In today’s digital era, traditional security methods like one-factor authentication are ineffective at combating the previously mentioned cyber-attacks. Even two-factor authentication may be bypassed using advanced cyber-methods. This work focuses on advanced cyber-techniques that can defeat even two-factor authentication. Server-side forging is one technique used to get around the restrictions imposed by two-factor authentication. Therefore, it is obvious that strong authentication entities are needed if the danger of credential bypassing needs to be lowered, especially in the Web 3.0 platform. In this proposed study, the objective is to discuss the authentication strategies and improved strategies based on Kerberos and graphical password.
KW - Attacks
KW - Authentication
KW - Graphical password
KW - Kerberos
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85184081345&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85184081345&partnerID=8YFLogxK
U2 - 10.1007/978-981-99-8135-9_3
DO - 10.1007/978-981-99-8135-9_3
M3 - Conference contribution
AN - SCOPUS:85184081345
SN - 9789819981342
T3 - Lecture Notes in Networks and Systems
SP - 23
EP - 34
BT - Machine Intelligence for Research and Innovations - Proceedings of MAiTRI 2023
A2 - Verma, Om Prakash
A2 - Wang, Lipo
A2 - Kumar, Rajesh
A2 - Yadav, Anupam
PB - Springer Science and Business Media Deutschland GmbH
T2 - 1st International Conference on Machine Intelligence for Research and Innovations, MAiTRI 2023
Y2 - 1 September 2023 through 3 September 2023
ER -