TPP: The Two-Way Password Protocol
The need for secure communication in the Internet has led to the widespread deployment of secure application-level protocols. The current state-of-the-art is to use TLS, in conjunction with a password protocol. The password protocol, which the authors call a One-way Password Protocol (OPP), authenticates the client to the server, using a particular secret called the password. TLS has two functions: It allows a user to authenticate the server; it ensures secure communication between client and server. The second function effectively provides a secure channel for end-to-end communication between client and server.