Encrypted key exchange: password-based protocols secure against dictionary attacks
Citations
13 citations
13 citations
13 citations
Additional excerpts
...[4] S. M. Bellovin and M. Merritt, ‘‘Encrypted key exchange: Password-based protocols secure against dictionary attacks,’’ in Proc....
[...]
...The concept of PAKE was introduced by Bellovin and Merritt [4]....
[...]
13 citations
Cites methods from "Encrypted key exchange: password-ba..."
...Since introduction of the first PAKE protocol in 1992 [4], many PAKE protocols have been proposed....
[...]
13 citations
Cites background from "Encrypted key exchange: password-ba..."
...Finally, we rely on a secure key-exchange protocol that is guessing resilient, i.e., the Encrypted Key Exchange (EKE) [1], [2] and one if its derivatives [15], which are known to achieve provable security....
[...]
...9254 VOLUME 8, 2020 A. EXCHANGING ACCELEROMETER DATA WITH EKE-DH In Figure 13 we depict the flowchart of the key-exchange process starting from synchronization, collecting the data then processing and splitting it into ` windows for the final key-exchange....
[...]
...In case of the elliptical curve version of the EKE-DH protocol, decryption of the key shares, i.e., ew(aP) and ew(bP), may result in points that do not belong to the curve....
[...]
...Each of the two phones, A and B, follows the procedures below over wireless connectivity (Bluetooth in our experiments): 1) Coll(1) in which both phones A and B collect data during a fixed time-windows 1, apply the filtering algorithms (time-alignment, scaling, high-pass and sigma-delta modulation accordingly) then split the data into ` windows, i.e., wid1 ,w id 2 , . . . ,w id ` where id ∈ {A,B}; 2) EKE−DH(widi , id ∈ {A,B}, i = 1..`) in which phones A and B exchange data using the Diffie-Hellman version of the EKE protocol by encrypting the Diffie-Hellman key-shares with the data from each window w, i.e., for i = 1..l A→ B : ew1 (g a1 )modp B→ A : ew1 (g b1 )modp,H (sk1, 1) A→ B : H (sk1, 2) . . ....
[...]
...[13] F. Hao and S. F. Shahandashti, ‘‘The SPEKE protocol revisited,’’ in Proc....
[...]
References
14,980 citations
"Encrypted key exchange: password-ba..." refers background or methods in this paper
...ElGamal’s algorithm is derived from the DiffieHellman exponential key exchange protocol[2]; accordingly, we will review the latter first....
[...]
...And even this risk is minimal if B performs certain checks to guard against easily-solvable choices: that β is indeed prime, that it is large enough (and hence not susceptible to precalculation of tables), that β − 1 have at least one large prime factor (to guard against Pohlig and Hellman’s algorithm[13]), and that α is a primitive root of GF (β)....
[...]
...The use given above for asymmetric encryption — simply using it to pass a key for a symmetric encryption system — is an example of what Diffie and Hellman[2] call a public key distribution system....
[...]
...It works especially well with exponential key exchange [2]....
[...]
14,659 citations
"Encrypted key exchange: password-ba..." refers methods in this paper
...Section 2 describes the asymmetric cryptosystem variant and implementations using RSA[ 3 ] and ElGamal[4]....
[...]
...We will use RSA[ 3 ] to illustrate the difficulties....
[...]
7,514 citations
2,351 citations
1,937 citations
"Encrypted key exchange: password-ba..." refers background in this paper
...Can such a random odd number less than a known n be distinguished from a valid public key e? Assume that p and q are chosen to be of the form 2p′ + 1 and 2q′ + 1, where p′ and q′ are primes, a choice that is recommended for other reasons [9]....
[...]