[01] Edward Danso Ansong, Department of Computer Science, Kwame Nkrumah University of Science & Technology, Kumasi, Ghana. [02] James Ben Hayfron-Acquah, Department of Computer Science, Kwame Nkrumah University of Science & Technology, Kumasi, Ghana.

In this paper we present a password authentication protocol over untrusted networks. This password authentication protocol stores user password in a non-plaintext equivalent therefore a breached database would not reveal enough information about the user password. This protocol relies on the strength of discrete logarithms with the Schnorr Signature Scheme and also goes further to satisfy all properties of a zero knowledge proof system.

Dictionary Attacks, Discrete Exponentiation, Zero Knowledge Proof System, Schnorr Signature Scheme

[01] Jan Leohard Camenisch, “Group Signature Schemes and Payment Systems Based on the Discrete Logarithm Problem”, 1998. [02] Ryan Cheu, Patrick Yang, Alexander Lin and Alexander Jaffe, “NARWHALL-An implementation of zero knowledge authentication”, 2014. [03] Wu, Thomas D, “The Secure Remote Password Protocol." 1998. [04] Babai, L., Trading group theory for randomness. Seventeenth Annual ACM Symposium on Theory of Computing, (pp. 421–429). Rhode Island, 1985. [05] Shafi Goldwasser, S. M, The knowledge complexity of interactive proof systems. 27th Annual Symposium on Foundations of Computer, (pp. 291–304). 1985. [06] Lynn, B. E- Voting – Stanford Cryptography, 2003. [07] Schnorr, C. P. Efficient signature generation for smart. Journal of Cryptology, 239–252. 1991. [08] Scott, M. M-Pin: A Multi-Factor Zero Knowledge. Certivox Labs, 2013. [09] Zhang, D. M. Zero-knowledge proofs of identity based on ELGAMAL on conic. E-Commerce Technology for Dynamic E-Business. IEEE International Conference. 2004. [10] Amos Fiat, U. F. Zero-knowledge proofs of identity. Journal of Cryptology, 77–94. 1988. [11] Lum Jia Jun, Brandon. Implementing zero-knowledge authentication with zero knowledge. The Python Papers Monograph 2.9 (2010). [12] David Jarosm Radek Kuchta. New Location – Based Authentication Techniques in the Access Management. Wireless and Mobile Communications 6^th International Conference, 2010. [13] Hang A, De Luca A, Smith M, Richter M, Hussmann H. Where Have You Been? Using Location-Based Security Questions for Fallback Authentication. Eleventh Symposium On Usable Privacy and Security (SOUPS2015), 2015. [14] Slawomir Grzonkowski, Wojciech Zaremba, Maciej Zaremba, Bill McDaniel. Extending Web Applications with a Lightweight Zero Knowledge Proof Authetication, 2008. [15] U. Thiruvaazhi, R. Divya. Web Application Protocol Using Zero Knowledge Proofs, Information Security Journal, 20:112-121, 2011. [16] D. G. Corneil, C. C. Gotlieb. An efficient algorithm for graph isomophism. J. ACM, 51-64, 1970.