Path: Top -> Journal -> Telkomnika -> 2019 -> Vol 17, No 2, April 2019
Guillou-quisquater protocol for user authentication based on zero knowledge proof
Oleh : Kevin Kusnardi, Dennis Gunawan, Telkomnika
Dibuat : 2019-05-16, dengan 1 file
Keyword : cryptography, guillou-quisquater, security, user authentication, zero knowledge proof
Url : http://journal.uad.ac.id/index.php/TELKOMNIKA/article/view/11754
Sumber pengambilan dokumen : WEB
Authentication is the act of confirming the validity of someones personal data. In the traditional authentication system, username and password are sent to the server for verification. However, this scheme is not secure, because the password can be sniffed. In addition, the server will keep the users password for the authentication. This makes the system vulnerable when the database server is hacked. Zero knowledge authentication allows server to authenticate user without knowing the users password. In this research, this scheme was implemented with Guillou-Quisquater protocol. Two login mechanisms were used: file-based certificate with key and local storage. Testing phase was carried out based on the Open Web Application Security Project (OWASP) penetration testing scheme. Furthermore, penetration testing was also performed by an expert based on Acunetix report. Three potential vulnerabilities were found and risk estimation was calculated. According to OWASP risk rating, these vulnerabilities were at the medium level.
Beri Komentar ?#(0) | Bookmark
| Properti | Nilai Properti |
|---|---|
| ID Publisher | gdlhub |
| Organisasi | Telkomnika |
| Nama Kontak | Herti Yani, S.Kom |
| Alamat | Jln. Jenderal Sudirman |
| Kota | Jambi |
| Daerah | Jambi |
| Negara | Indonesia |
| Telepon | 0741-35095 |
| Fax | 0741-35093 |
| E-mail Administrator | elibrarystikom@gmail.com |
| E-mail CKO | elibrarystikom@gmail.com |
Print ...
Kontributor...
- , Editor: sustriani
Download...
Download hanya untuk member.
11754-32407-1-PB
File : 11754-32407-1-PB.pdf
(563192 bytes)