Nishikant Burande, Gumaste S.V.
Abstract: By using cryptographic key client and server establishes a connection in between them and authenticate each other. In other words they use password to authenticate that is Password-authenticated key exchange (PAKE). The password necessary to authenticate are stored in a single server. If server is hacked or due to insider attack it is compromised then all password may stole by hacker and they may misuse it. In this paper find a way to overcome this problem by using two servers to authenticate in which two servers cooperate to each other. If one server is compromised then attacker still cannot hack the passwords stored in server. For the said purpose two ways are there symmetric & asymmetric, in symmetric two servers equally contribute and in asymmetric one server authenticates the client with the help of another server. This paper presents a symmetric solution for two-server PAKE, where client can establish different cryptographic keys with two servers resp. Proposed protocol runs in parallel and is more efficient than existing symmetric two-server PAKE protocol.
Keywords: Cryptography, password only authenticated exchange, Diffie-Hellman key exchange, ElGamal encryption