Encrypted key exchange: password-based protocols secure against dictionary attacks
Citations
15 citations
Cites methods from "Encrypted key exchange: password-ba..."
...To date, several PAKE protocols have been proposed, including the Encrypted Key Exchange (EKE) [3, 4], Secure Password Exponential Key Exchange (SPEKE) [18, 17], Simple Remote Password (SRP) [30], the PAK protocol [5], the BPR00 protocol [1], the SNAPI protocol [23], and the KOY01 protocol [20]....
[...]
...A new protocol paradigm following this path, called password-authenticated key exchange (PAKE), was developed [3]....
[...]
...The SPEKE, SRP, PAK and KOY01 protocols use the Diffie-Hellman key exchange algorithm [12] while BPR00 and SNAPI use the RSA algorithm [27]....
[...]
15 citations
Cites background from "Encrypted key exchange: password-ba..."
...In 1992, Bellovin and Merritt [1] introduced encrypted key exchange (or EKE) protocols, which allow...
[...]
...Since the work of Bellovin andMerritt [1], password-only authenticated key exchange (PAKE) protocols have attracted much greater attention mainly due to the persistent popularity of passwords as a practical (and cheap) authentication method [2]....
[...]
...In 1992, Bellovin and Merritt [1] introduced encrypted key exchange (or EKE) protocols, which allow arbitrary two parties, who share only a lowentropy password, to establish a common highentropy secret key (called a session key) over an insecure public network....
[...]
15 citations
Cites background from "Encrypted key exchange: password-ba..."
...Further, an efficient and elegant scheme for EKE that was considered for standardization by the IEEE P1363 Standard working group is AuthA, which was later enhanced by Bresson et al. in [8] to resist the denial-of-service attack....
[...]
...Later, Bellovin and Merrit presented a password based key exchange protocol for two-party communications known as Encrypted Key Exchange (EKE) [7]....
[...]
...In [30], Zhang showed that Strong Password only Authenticated Key Exchange (SPEKE), a password authenticated key exchange protocol defined in [15] was susceptible to password guessing attack....
[...]
15 citations
Cites background from "Encrypted key exchange: password-ba..."
...There has been a great deal of related work [1], [2], [6], [7], [8], [9], [11], while several methods...
[...]
15 citations
References
14,980 citations
"Encrypted key exchange: password-ba..." refers background or methods in this paper
...ElGamal’s algorithm is derived from the DiffieHellman exponential key exchange protocol[2]; accordingly, we will review the latter first....
[...]
...And even this risk is minimal if B performs certain checks to guard against easily-solvable choices: that β is indeed prime, that it is large enough (and hence not susceptible to precalculation of tables), that β − 1 have at least one large prime factor (to guard against Pohlig and Hellman’s algorithm[13]), and that α is a primitive root of GF (β)....
[...]
...The use given above for asymmetric encryption — simply using it to pass a key for a symmetric encryption system — is an example of what Diffie and Hellman[2] call a public key distribution system....
[...]
...It works especially well with exponential key exchange [2]....
[...]
14,659 citations
"Encrypted key exchange: password-ba..." refers methods in this paper
...Section 2 describes the asymmetric cryptosystem variant and implementations using RSA[ 3 ] and ElGamal[4]....
[...]
...We will use RSA[ 3 ] to illustrate the difficulties....
[...]
7,514 citations
2,351 citations
1,937 citations
"Encrypted key exchange: password-ba..." refers background in this paper
...Can such a random odd number less than a known n be distinguished from a valid public key e? Assume that p and q are chosen to be of the form 2p′ + 1 and 2q′ + 1, where p′ and q′ are primes, a choice that is recommended for other reasons [9]....
[...]