AUTHENTICATION DATABASE LEAKAGE DETECTION

Authentication is the first step for any important applications. Password verification is widely employed in the Internet. Some advanced mechanisms including bio features, such as fingerprints or retina. However, digital password authentication credential is commonly used in the public. In other words, traditional password verification is still an important authentication credential mechanism for today's online services. Password database may be compromised. Once if the database is stolen, it is dangerous and critical for any services. Consequently, password database leakage becomes an important issue. Detection and countermeasure are essential for such a disaster. Our research proposing a scheme based on a authentication database storage mapping method to detect possible leakage of authentication database. By multiple mapping mechanism, if the authentication database is stolen, an attacker could not know any user's correct password. This method can reduce additional space of storing passwords with ability to detect security event for stolen authentication databases.