KeyAuth: Bringing Public-key Authentication to the Masses
This work addresses security and usability issues for users accessing network services, but it appears incremental, as it applies existing public-key cryptography in a new implementation.
The paper tackles the problem of insecure and user-unfriendly password-based authentication by proposing KeyAuth, a generic public-key authentication service that aims to replace passwords and improve security for network resources, though no concrete numbers are provided.
Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of security. Creating passwords that are both secure (i.e., hard for attackers to guess) and easy for humans to remember is, at best, a paradoxical task because these two criteria are diametrically opposed. Fortunately, a far more secure and user-friendly alternative is available. Public-key cryptography provides a means of both identifying and authenticating users without the need for passwords. KeyAuth is a generic and universal implementation of public-key authentication aimed at supplanting password-based authentication and significantly improving the security of network-accessible resources by enhancing the usability of frequently used authentication mechanisms. KeyAuth is an application-, language-, operating system-, and protocol-independent public-key authentication service.