scispace - formally typeset
Topic

Password cracking

About: Password cracking is a(n) research topic. Over the lifetime, 1438 publication(s) have been published within this topic receiving 31113 citation(s). The topic is also known as: password hacking & brute force cracking.
Papers
More filters

Journal ArticleDOI
Leslie Lamport1
TL;DR: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system.
Abstract: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal.

2,740 citations


Proceedings ArticleDOI
04 May 1992-
TL;DR: A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Abstract: Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks. >

1,523 citations


Book ChapterDOI
14 May 2000-
TL;DR: Correctness for the idea at the center of the Encrypted Key-Exchange protocol of Bellovin and Merritt is proved: it is proved security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.
Abstract: Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. While several such protocols have been suggested, the underlying theory has been lagging. We begin by defining a model for this problem, one rich enough to deal with password guessing, forward secrecy, server compromise, and loss of session keys. The one model can be used to define various goals. We take AKE (with "implicit" authentication) as the "basic" goal, and we give definitions for it, and for entity-authentication goals as well. Then we prove correctness for the idea at the center of the Encrypted Key-Exchange (EKE) protocol of Bellovin and Merritt: we prove security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.

1,339 citations


01 Feb 1995-
TL;DR: This document describes the S/KEY* One-Time Password system as released for public use by Bellcore and as described in reference [3].
Abstract: This document describes the S/KEY* One-Time Password system as released for public use by Bellcore and as described in reference [3]. A reference implementation and documentation are available by anonymous ftp from ftp.bellcore.com in the directories pub/nmh/...

579 citations


Proceedings ArticleDOI
05 Dec 2005-
TL;DR: This survey tries to answer two important questions: "Are graphical passwords as secure as text-based passwords?" and "What are the major design and implementation issues for graphical passwords?"
Abstract: The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and point out the future research directions in this area. We also try to answer two important questions: "Are graphical passwords as secure as text-based passwords?"; "What are the major design and implementation issues for graphical passwords?" This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods

573 citations


11


Network Information
Related Topics (5)
Symmetric-key algorithm

6.3K papers, 113.5K citations

86% related
Mutual authentication

4.8K papers, 73.3K citations

86% related
Password strength

3.1K papers, 69.3K citations

86% related
Authentication

74.7K papers, 867.1K citations

85% related
Key management

9.3K papers, 159.9K citations

85% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20222
202153
202071
201981
201887
2017119

Top Attributes

Show by:

Topic's top 5 most impactful authors

Saru Kumari

19 papers, 623 citations

Ashok Kumar Das

16 papers, 654 citations

Dongho Won

12 papers, 92 citations

Muhammad Khurram Khan

11 papers, 730 citations

Eun-Jun Yoon

10 papers, 65 citations