Modular design for round-oriented password authentication protocols

Chi Chao Chang, Tzonelih Hwang

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


Password authentication has always been a natural choice for remote access in network applications. Although there have been many protocols of this kind exists today, few have seriously taken into account and exploited the duplex nature of modern communication networks. Given the capability to send and receive messages at the same time, it would be inefficient in terms of communication and computation resources for participants to wait for responses while doing nothing. There have also been a number of researches focus on parallelization of computations in step-oriented protocols. However, these protocols are often highly integrated and no modification is considered secure without rigorously analyzing them again. Thus, system designers who have restrictions and policies set for by their institutions may find that incorporating these protocols a dreadful task. In this paper, we seek to identify the functional modules in password authentication schemes and give a general procedure for generating protocols with these modules. We also give a proof of security for the generalized protocol produced from the procedure. With modular and round-oriented design, we show that flexible infrastructure can be built to provide sound solutions to password authentication in a wide range of hardware/software implementations and computing capabilities.

Original languageEnglish
Pages (from-to)1295-1308
Number of pages14
JournalJournal of Information Science and Engineering
Issue number5
Publication statusPublished - 2006 Sept

All Science Journal Classification (ASJC) codes

  • Software
  • Human-Computer Interaction
  • Hardware and Architecture
  • Library and Information Sciences
  • Computational Theory and Mathematics


Dive into the research topics of 'Modular design for round-oriented password authentication protocols'. Together they form a unique fingerprint.

Cite this