Authentication two passwords, both could be vulnerable to leakage

Authentication refers
to the task of verifying the identity of a person/software

connecting to an
application. The simplest form of authentication consists of a

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

secret password that
must be presented when a user connects to the application.

Unfortunately,
passwords are easily compromised, for example, by guessing, or

by sniffing of packets
on the network if the passwords are not sent encrypted.

More robust schemes are
needed for critical applications, such as online bank

accounts. Encryption is
the basis for more robust authentication schemes.

Many applications use two-factor
authentication, where two independent

factors
(that is, pieces of information or processes) are used to identify
a user. The

two factors should not share a common
vulnerability; for example, if a system

merely required two passwords, both
could be vulnerable to leakage in the same

manner. While biometrics such as
fingerprints or iris scanners can be used in

situations where a user is
physically present at the point of authentication, they

are not very meaningful across a
network. Passwords are used as the first factor in most such two-factor
authentication schemes. Smart cards or other encryption devices connected
through the USB

interface, which can be used for
authentication based on encryption techniques are widely used as second
factors.

 Encryption refers to the process of
transforming data into a form that is unreadable,unless the reverse process of
decryption is applied. Encryption algorithmsuse an encryption key to perform
encryption, and require a decryption key (whichcould be the same as the encryption
key depending on the encryption algorithmused) to perform decryption.The oldest uses of encryption were
for transmitting messages, encryptedusing a secret key known only to
the sender and the intended receiver. Even ifthemessage is intercepted by an
enemy, the enemy, not knowing the key, will notbe able to decrypt and understand
the message. Encryption is widely used todayfor protecting data in transit in a
variety of applications such as data transfer onthe Internet, and on cellular phone
networks. Encryption is also used to carry out

other tasks, such as authentication