Encrypted key exchange: password-based protocols secure against dictionary attacks
Steven M. Bellovin,Michael Merritt +1 more
- pp 72-84
TLDR
A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.Abstract:
Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks. >read more
Citations
More filters
Journal ArticleDOI
Gateway-oriented password-authenticated key exchange protocol in the standard model
TL;DR: This paper presents the first provably-secure GPAKE protocol in the standard model, based on the 2-party password-authenticated key exchange protocol of Jiang and Gong, which is secure under the DDH assumption (without random oracles).
Book ChapterDOI
Secure hash-based password authentication protocol using smartcards
Hyunhee Jung,Hyunsung Kim +1 more
TL;DR: Security analysis shows that the proposed hash-based strong-password authentication protocol provides better security properties than the other related authentication protocols with the similar computational complexity with others.
Book ChapterDOI
Fuzzy Asymmetric Password-Authenticated Key Exchange
TL;DR: The notion of Fuzzy Asymmetric PAKE (fuzzy aPAKE), which protects against untrusted servers and supports noisy passwords, is introduced in the Universal Composability framework of Canetti (FOCS’01), which is the preferred model for passwordbased primitives.
Proceedings ArticleDOI
Transforming Password Protocols to Compose
TL;DR: Whether password protocols can be safely composed, even when a same password is reused is studied, and a transformation which maps a password protocol that is secure for a single protocol session (a decidable problem) to a protocol that are secure for an unbounded number of sessions is presented.
Patent
Method for establishing encrypted channel
Abstract: A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Journal ArticleDOI
A public key cryptosystem and a signature scheme based on discrete logarithms
TL;DR: A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem that relies on the difficulty of computing discrete logarithms over finite fields.
Book ChapterDOI
A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms
TL;DR: In this article, a new signature scheme is proposed together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem and the security of both systems relies on the difficulty of computing discrete logarithms over finite fields.
Book
Cryptography and data security
TL;DR: The goal of this book is to introduce the mathematical principles of data security and to show how these principles apply to operating systems, database systems, and computer networks.