An Authenticated Method for a Secure Changing Password

Mostefa Kara; Konstantinos Karampidis; Laid Kenioua; Manolis Karampidis; Muath Alshaikh; Giorgos Papadourakis; Abdelkader Laouid

doi:10.1109/EEITE61750.2024.10654422

An Authenticated Method for a Secure Changing Password

Mostefa Kara^*, Konstantinos Karampidis, Laid Kenioua, Manolis Karampidis, Muath Alshaikh, Giorgos Papadourakis, Abdelkader Laouid

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Despite their age, passwords are still widely used more than ever. In many cases, it is the solution that best fits the usage scenario. Researchers are proposing innovative designs and methods to support these scenarios. Many systems, especially sensitive ones, need to change the password. Classic systems rely on changing passwords in two stages, the first i s authentication, which usually consists of two or three rounds, and the second is creating a new password (PW), which also consists of two or three rounds. In this paper, a hidden transmission of a new random PW using the previous one is presented, we talk about an authenticated changing of PW. The verifier g enerates half of the new password and sends it to the prover, the prover authenticates the sent message using the old PW and then returns the authentication proof. After checking it, the verifier creates the second half of the PW. The proposed method combines the authentication and change PW processes into one process consisting of 3 rounds. Therefore, the proposal facilitates the process of automatic periodic change of PW between two entities (user, app, system, etc). Analysis and experiments show that our technique is robust, lightweight, and reduces many potential risks in the field.

Original language	English
Title of host publication	EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9798350372878
DOIs	https://doi.org/10.1109/EEITE61750.2024.10654422
State	Published - 2024
Externally published	Yes
Event	5th International Conference in Electronic Engineering, Information Technology and Education, EEITE 2024 - Chania, Greece Duration: 29 May 2024 → 31 May 2024

Publication series

Name	EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education

Conference

Conference	5th International Conference in Electronic Engineering, Information Technology and Education, EEITE 2024
Country/Territory	Greece
City	Chania
Period	29/05/24 → 31/05/24

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Keywords

Authentication
Distributed system
P2P Networks
Password
Privacy
Security

ASJC Scopus subject areas

Information Systems
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality
Electronic, Optical and Magnetic Materials
Artificial Intelligence
Computer Vision and Pattern Recognition
Modeling and Simulation
Education

Access to Document

10.1109/EEITE61750.2024.10654422

Cite this

Kara, M., Karampidis, K., Kenioua, L., Karampidis, M., Alshaikh, M., Papadourakis, G., & Laouid, A. (2024). An Authenticated Method for a Secure Changing Password. In EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education (EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EEITE61750.2024.10654422

Kara, Mostefa ; Karampidis, Konstantinos ; Kenioua, Laid et al. / An Authenticated Method for a Secure Changing Password. EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education. Institute of Electrical and Electronics Engineers Inc., 2024. (EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education).

@inproceedings{1c4589daaa244edc8690f836de0dad6a,

title = "An Authenticated Method for a Secure Changing Password",

abstract = "Despite their age, passwords are still widely used more than ever. In many cases, it is the solution that best fits the usage scenario. Researchers are proposing innovative designs and methods to support these scenarios. Many systems, especially sensitive ones, need to change the password. Classic systems rely on changing passwords in two stages, the first i s authentication, which usually consists of two or three rounds, and the second is creating a new password (PW), which also consists of two or three rounds. In this paper, a hidden transmission of a new random PW using the previous one is presented, we talk about an authenticated changing of PW. The verifier g enerates half of the new password and sends it to the prover, the prover authenticates the sent message using the old PW and then returns the authentication proof. After checking it, the verifier creates the second half of the PW. The proposed method combines the authentication and change PW processes into one process consisting of 3 rounds. Therefore, the proposal facilitates the process of automatic periodic change of PW between two entities (user, app, system, etc). Analysis and experiments show that our technique is robust, lightweight, and reduces many potential risks in the field.",

keywords = "Authentication, Distributed system, P2P Networks, Password, Privacy, Security",

author = "Mostefa Kara and Konstantinos Karampidis and Laid Kenioua and Manolis Karampidis and Muath Alshaikh and Giorgos Papadourakis and Abdelkader Laouid",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 5th International Conference in Electronic Engineering, Information Technology and Education, EEITE 2024 ; Conference date: 29-05-2024 Through 31-05-2024",

year = "2024",

doi = "10.1109/EEITE61750.2024.10654422",

language = "English",

series = "EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education",

address = "United States",

}

Kara, M, Karampidis, K, Kenioua, L, Karampidis, M, Alshaikh, M, Papadourakis, G & Laouid, A 2024, An Authenticated Method for a Secure Changing Password. in EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education. EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education, Institute of Electrical and Electronics Engineers Inc., 5th International Conference in Electronic Engineering, Information Technology and Education, EEITE 2024, Chania, Greece, 29/05/24. https://doi.org/10.1109/EEITE61750.2024.10654422

An Authenticated Method for a Secure Changing Password. / Kara, Mostefa; Karampidis, Konstantinos; Kenioua, Laid et al.
EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education. Institute of Electrical and Electronics Engineers Inc., 2024. (EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An Authenticated Method for a Secure Changing Password

AU - Kara, Mostefa

AU - Karampidis, Konstantinos

AU - Kenioua, Laid

AU - Karampidis, Manolis

AU - Alshaikh, Muath

AU - Papadourakis, Giorgos

AU - Laouid, Abdelkader

PY - 2024

Y1 - 2024

N2 - Despite their age, passwords are still widely used more than ever. In many cases, it is the solution that best fits the usage scenario. Researchers are proposing innovative designs and methods to support these scenarios. Many systems, especially sensitive ones, need to change the password. Classic systems rely on changing passwords in two stages, the first i s authentication, which usually consists of two or three rounds, and the second is creating a new password (PW), which also consists of two or three rounds. In this paper, a hidden transmission of a new random PW using the previous one is presented, we talk about an authenticated changing of PW. The verifier g enerates half of the new password and sends it to the prover, the prover authenticates the sent message using the old PW and then returns the authentication proof. After checking it, the verifier creates the second half of the PW. The proposed method combines the authentication and change PW processes into one process consisting of 3 rounds. Therefore, the proposal facilitates the process of automatic periodic change of PW between two entities (user, app, system, etc). Analysis and experiments show that our technique is robust, lightweight, and reduces many potential risks in the field.

AB - Despite their age, passwords are still widely used more than ever. In many cases, it is the solution that best fits the usage scenario. Researchers are proposing innovative designs and methods to support these scenarios. Many systems, especially sensitive ones, need to change the password. Classic systems rely on changing passwords in two stages, the first i s authentication, which usually consists of two or three rounds, and the second is creating a new password (PW), which also consists of two or three rounds. In this paper, a hidden transmission of a new random PW using the previous one is presented, we talk about an authenticated changing of PW. The verifier g enerates half of the new password and sends it to the prover, the prover authenticates the sent message using the old PW and then returns the authentication proof. After checking it, the verifier creates the second half of the PW. The proposed method combines the authentication and change PW processes into one process consisting of 3 rounds. Therefore, the proposal facilitates the process of automatic periodic change of PW between two entities (user, app, system, etc). Analysis and experiments show that our technique is robust, lightweight, and reduces many potential risks in the field.

KW - Authentication

KW - Distributed system

KW - P2P Networks

KW - Password

KW - Privacy

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85204515222&partnerID=8YFLogxK

U2 - 10.1109/EEITE61750.2024.10654422

DO - 10.1109/EEITE61750.2024.10654422

M3 - Conference contribution

AN - SCOPUS:85204515222

T3 - EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education

BT - EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 5th International Conference in Electronic Engineering, Information Technology and Education, EEITE 2024

Y2 - 29 May 2024 through 31 May 2024

ER -

Kara M, Karampidis K, Kenioua L, Karampidis M, Alshaikh M, Papadourakis G et al. An Authenticated Method for a Secure Changing Password. In EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education. Institute of Electrical and Electronics Engineers Inc. 2024. (EEITE 2024 - Proceedings of 2024 5th International Conference in Electronic Engineering, Information Technology and Education). doi: 10.1109/EEITE61750.2024.10654422

An Authenticated Method for a Secure Changing Password

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this