Preventing Attackers From Using Verifiers: A-Pake With Pk-Ids presented at RSAeu 2013

by Sean Parkinson,

Summary : To prevent attackers reading passwords from compromised servers, the passwords can be transformed into verifiers. This session presents a new mechanism that uses a server's identity, in the form of a public-private key pair, to protect verifiers from being used by an attacker. This mechanism is applied to A-PAKE schemes and used as the authentication method in cryptographic protocols.
- See more at: