Applying parsekey+ as a new multi-way client and server authentication approach to resolve imperfect counter utilization in IEEE802.11i for impersonation avoidance

Abstract

This paper presents the ParseKey+, an approach to a new highlysecure and safe authentication service. The scheme includes authentication process for both client and server sides in addition to passwords of each side. ParseKey+ employs transposition to hide the encrypted key in a key file retrievable only by the other side knowing the indices and lengths of sub-keys inside ParseKey+ encrypted file. ParseKey+ avoids client and server impersonations in addition to mutual client/server authentication. Therefore, the ParseKey+ scheme avoids counter-reply attack. The key file is changed at each signing on procedure. The key file is an additional security beyond the login password which avoids client and server impersonation. © 2008 Atilla Elçi.