Researchers work out new, safer login system
Washington: Our unique login identity, verified by the network server, may be user friendly, but suffers from three major flaws -- anonymity of communicating users, misplaced trust and identity theft, a study reveals.
Researchers Mohamed Gouda and colleagues from University of Texas, Austin, have worked out a login based on a network linked with unlimited, user-selected list of pseudonyms, which can bypass all these problems.
The network authority server is then the only party, other than each user, that knows their address and which of their pool of pseudonyms is tied with the address at any given time, the International Journal of Security and Networks reported.
"The problem of anonymous communication over a network is an old and respected problem, and has inspired a considerable amount of research," the researchers explain, according to a university statement.
Papers dating back to at least 1981 have attempted to address this issue. Anonymized email based on encryption and the layered connection approach of the Tor protocol, and Onion routing, have been used successfully over the last couple of decades.
However, all of these approaches have scaling problems that limit the number of concurrent users without huge investment in network servers to carry the requisite data traffic.
Researchers explain that in their novel network structure users do not have identities. Users are contacted by searching for their pseudonyms, which they change frequently.
Authentication is done by the users themselves, not by the certification of a central authority. In this network, as there is no identity, there is no identity theft.
"We suggest that this may be a whole new kind of network, distinct from both traditional client-server and reputation-based peer-to-peer networks," a researcher said.