← Back to contracts

SaTC: CORE: Small: New Directions for Client-Server Password Authentication

US NSF grant open #nsf-2453883

Summary

Passwords remain the most ubiquitous method for client-server authentication on the Internet, helping billions of people log in to their online accounts every day. The traditional approach to client-server password authentication is vulnerable to numerous attacks on the underlying public-key infrastructure, such as phishing attacks. In recent years, new cryptographic protocols that do not rely on the public-key infrastructure, such as asymmetric password-authenticated key exchange (aPAKE) and its strong variant (saPAKE), have been proposed and analyzed; these methods achieve better security, a

SaTC: CORE: Small: New Directions for Clie…
Onboard