KeyAuth: Bringing Public-key Authentication to the Masses
Abstract
Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of security. Creating passwords which are both secure (i.e., hard for attackers to guess) and easy for humans to remember is, at best, a paradoxical task because these two criteria are diametrically opposed. Fortunately, a far more secure and user-friendly alternative is available. Public-key cryptography provides a means of both identifying and authenticating users without the need for passwords. KeyAuth is a generic and universal implementation of public-key authentication aimed at supplanting password-based authentication and significantly improving the security of network accessible resources by enhancing the usability of frequently used authentication mechanisms. KeyAuth is an application-, language-, operating system-, and protocol-independent public-key authentication service.
Cite
@article{arxiv.1209.0967,
title = {KeyAuth: Bringing Public-key Authentication to the Masses},
author = {Travis Z. Suel},
journal= {arXiv preprint arXiv:1209.0967},
year = {2012}
}
Comments
6 pages, 1 figure, 1 table