Password-authenticated key exchanges
Password-based authentication processes generally require the user to send his password to the server to prove that he is indeed the person he claims to be. This design becomes fundamentally insecure once the user's secret, namely the password, leaves his possession. It becomes vulnerable to attacks on the TLS channel, server compromise, password mishandling on the server, etc.
PAKE protocols make password-based authentication more secure by providing a way for a user to authenticate with a server without the password ever leaving the user's possession.
The goal of this project is to compare the main PAKE protocols and to present the first ever implementation of KHAPE, a strong asymmetric PAKE protocol. The performance of this protocol is analysed. In addition, a practical use case built on the developed KHAPE library is implemented: an online password manager in which clients authenticate using KHAPE.
Student: Julien Béguin
Year: 2022
Department: TIC
Programme: Computer Science and Communication Systems (formerly Telecommunications), specialising in Information Security
Study mode: Full-time
Supervising teacher: Alexandre Duc
Institute: IICT