Better Authentication Password Revolution by Evolution (Transcript of Discussion)

Conference paper

DOI: 10.1007/978-3-319-12400-1_14

Volume 8809 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Thomas D.R. (2014) Better Authentication Password Revolution by Evolution (Transcript of Discussion). In: Christianson B., Malcolm J., Matyáš V., Švenda P., Stajano F., Anderson J. (eds) Security Protocols XXII. Security Protocols 2014. Lecture Notes in Computer Science, vol 8809. Springer, Cham

Abstract

The problem is that passwords are a rubbish way of authenticating, and there has been a lot of work trying to deal with this. One of the problems is that if you have a shared secret scheme then you need a different secret for every pair of things. For every user they need a different secret per thing they are authenticating to. If they have several of devices then they need one set of these per device as well, so that if one of them is compromised then you don’t lose everything. However revocation and key management are then difficult. The problem with passwords is that you still have to use them because lots of things require a password input, and it’s hard to change that.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.University of CambridgeCambridgeUK