Showing papers on "Password strength published in 2003"


Proceedings ArticleDOI
27 Oct 2003
TL;DR: The analysis of very efficient schemes that have been proposed to the IEEE P1363 Standard working group on password-based authenticated key-exchange methods shows that the AuthA protocol and its multiple modes of operations are provably secure under the computational Diffie-Hellman intractability assumption.
Abstract: Password-based key exchange schemes are designed to provide entities communicating over a public network, and sharing a (short) password only, with a session key (e.g., the key is used for data integrity and/or confidentiality). The focus of the present paper is on the analysis of very efficient schemes that have been proposed to the IEEE P1363 Standard working group on password-based authenticated key-exchange methods, but for which actual security was an open problem. We analyze the AuthA key exchange scheme and give a complete proof of its security. Our analysis shows that the AuthA protocol and its multiple modes of operations are provably secure under the computational Diffie-Hellman intractability assumption, in both the random-oracle and the ideal-ciphers models.

164 citations


Patent
23 Oct 2003
TL;DR: A password-encrypted key (PEK) is generated from a user-supplied password or other identifying data and then used to encrypt the user's password as mentioned in this paper, which is stored in a user record on a server.
Abstract: A password-encrypted key (PEK) is generated from a user-supplied password or other identifying data and then used to encrypt the user's password. The encrypted password is stored in a user record on a server. At login a would-be user's password is again used to make a key, which is then used to decrypt and compare the stored encrypted password with the would-be user's password to complete the login. The successful PEK is stored in a temporary session record and can be used to decrypt other sensitive user information previously encrypted and stored in the user record as well as to encrypt new information for storage in the user record. A public/private key system can also be used to maintain limited access for the host to certain information in the user record.

125 citations


Journal ArticleDOI
TL;DR: The Hwang-Yeh scheme comprises a password authentication protocol, a password change protocol, and can also provide key distribution that is vulnerable to a denial of service attack; and it does not provide the forward secrecy property in session key distribution.

122 citations


Journal ArticleDOI
TL;DR: A modified Yang-Shieh scheme to enhance security can help withstand the forged login attack and also provide a mutual authentication method to prevent the forged server attack.

121 citations


Book ChapterDOI
04 May 2003
TL;DR: In this paper, the authors presented two protocols for threshold password authenticated key exchange, where the password is not stored in a single authenticating server but rather shared among a set of n servers so that an adversary can learn the password only by breaking into t+1 of them.
Abstract: We present two protocols for threshold password authenticated key exchange. In this model, the password is not stored in a single authenticating server but rather shared among a set of n servers so that an adversary can learn the password only by breaking into t+1 of them. The protocols require n > 3t servers to work. The goal is to protect the password against hacker attacks that can break into the authenticating server and steal password information. All known centralized password authentication schemes are susceptible to such an attack. Ours are the first protocols which are provably secure in the standard model (i.e. no random oracles are used for the proof of security). Moreover our protocols are reasonably efficient and implementable in practice. In particular a goal of the design was to avoid costly zero-knowledge proofs to keep interaction to a minimum.

94 citations


Patent
25 Nov 2003
TL;DR: In this paper, a plurality of password policies are described in a computer usable password policy data structure, which is accessed by a password policy enforcement agent, and validated for authenticity by the policy enforcement agents.
Abstract: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.

81 citations



Patent
11 Dec 2003
TL;DR: In this article, a challenge token is generated and exchanged which is a one-time value that includes a random value that changes from session to session, without revealing any information about a secret password or a digest of the password itself.
Abstract: A remote user, two-way authentication and password change protocol that also allows parties to optionally establish a session key which can be used to protect subsequent communication. In a preferred embodiment, a challenge token is generated and exchanged which is a one-time value that includes a random value that changes from session to session. The construction and use of the challenge token avoids transmission of the password or even the transmission of a digest of the password itself. Thus the challenge token does not reveal any information about a secret password or a digest of the password.

80 citations


Patent
12 Aug 2003
TL;DR: In this article, a one-way/one-time hash function is applied to the current password to form a current tag and a next password is selected for a next packet that includes next data.
Abstract: A method authenticates packets that are transmitted serially in a network. A current password is selected for a current packet to be transmitted. The current packet includes current data. A one-way/one-time hash function is applied to the current password to form a current tag. A next password is selected for a next packet that includes next data, and the one-way/one-time hash function is applied to the next password to form a next tag. The one-way/one-time hash function is then applied to the next data, the next tag, and the current password to obtain a hashed value. The current packet is then transmitted to include the hash value, the current data, the current tag, and a previous password of a previous transmitted packet to authenticate the current data.

74 citations


Journal ArticleDOI
TL;DR: An improved version of the OSAP protocol is proposed to enhance the security and it is pointed out that it is vulnerable to the stolen-verifier attack.
Abstract: In 2001, Lin et al. proposed an optimal strong-password authentication protocol called the OSAP protocol. However, Chen and Ku pointed out that it is vulnerable to the stolen-verifier attack. In this paper, we shall propose an improved version of the OSAP protocol to enhance the security.

65 citations



Journal ArticleDOI
TL;DR: This paper extends proposals to enable dynamic delegation from one server to another; i.e., the device can subsequently use the second server to secure its private key operations.
Abstract: A device that performs private key operations (signatures or decryptions), and whose private key operations are protected by a password, can be immunized against offline dictionary attacks in case of capture by forcing the device to confirm a password guess with a designated remote server in order to perform a private key operation. Recent proposals for achieving this allow untrusted servers and require no server initialization per device. In this paper we extend these proposals to enable dynamic delegation from one server to another; i.e., the device can subsequently use the second server to secure its private key operations. One application is to allow a user who is traveling to a foreign country to temporarily delegate to a server local to that country the ability to confirm password guesses and aid the user's device in performing private key operations, or in the limit, to temporarily delegate this ability to a token in the user's possession. Another application is proactive security for the device's private key, i.e., proactive updates to the device and servers to eliminate any threat of offline password guessing attacks due to previously compromised servers.

Patent
10 Sep 2003
TL;DR: In this paper, the authors proposed an authentication system with little load on a user upon authentication and having a high security, where a password of a character string consisting of a plurality of digits is stored in a server device.
Abstract: An authentication system causing little load on a user upon authentication and having a high security. A management section (107) of a server device (106) stores a password of a character string consisting of a plurality of digits. A random number generator (108) generates a random number for each digit of the password. A communication section (111) transmits a plurality of random numbers to a terminal device (101). A calculation section (109) calculates an authentication value used for authentication by using a random number and password symbol for each digit of the password. In the terminal device (101), a display section (102) displays a random number for each digit of the password. An input section supplies an input value for the random number of each digit of the password and transmits the input value of each digit via a communication section (105). A judgment section (110) of the server device (106) judges whether the authentication value coincides with the input value for each digit of the password, thereby performing user authentication.

Patent
23 Dec 2003
TL;DR: In this article, the loss of a computer's primary O.S. password, BIOS password, or HDD password (or even an application password) is sensed by a secondary O. S. based on a number of failed log on attempts to the affected component.
Abstract: The loss of a computer's primary O.S. password, BIOS password, or HDD password (or even an application password) is sensed by a secondary O.S. based on a number of failed log on attempts to the affected component. The password can be reset by having the secondary O.S. generate an intermediate password automatically, verify user authorization, and then make the intermediate password available to, e.g., the primary O.S., so that the affected component can be accessed and its password reset without help desk personnel intervention.

Patent
03 Oct 2003
TL;DR: A password strength checking method has the steps of inputting a password to be checked, generating a plaintext password candidate according to the same generation procedure as that used by a password guessing tool, determining whether or not the inputted password and the generated password candidate match each other, directing generation of the next password candidate when the match is not determined.
Abstract: A password strength checking method has the steps of inputting a password to be checked, generating a plaintext password candidate according to the same generation procedure as that used by a password guessing tool, determining whether or not the inputted password and the generated password candidate match each other, directing generation of the next password candidate when the match is not determined, determining strength of the inputted password based on the number of the generated password candidates when the match is determined, and outputting information of the determined password strength.


Journal ArticleDOI
TL;DR: This article shows that Peyravian-Zunic's improved hash-based password authentication scheme is still vulnerable to the off-line guessing attack, the denial-of-service attack, and the stolen-verifier attack.
Abstract: Many password authentication schemes employ hash functions as their basic building blocks to achieve better efficiency. In 2000, Peyravian and Zunic proposed a hash-based password authentication scheme that is efficient and can be easily implemented. Recently, Lee, Li, and Hwang demonstrated that Peyravian-Zunic's hash-based password authentication scheme is vulnerable to the off-line guessing attack, and then proposed an improved version. In this article, we show that their improved scheme is still vulnerable to the off-line guessing attack, the denial-of-service attack, and the stolen-verifier attack.


Patent
03 Nov 2003
TL;DR: In this article, the authors describe a system that allows users to access the protected data using only a simple user id and password using a complex key. But they do not describe how to obtain the password.
Abstract: Systems, methods, and data structures permit data to be protected with complex keys and allow users to access the protected data using only a simple user id and password.

Book ChapterDOI
01 Oct 2003
TL;DR: In this article, a security analysis of the RSA-based password authenticated key exchange (PAKE) protocol is presented, and it is shown that the protocol is vulnerable to dictionary attack when the length of the ID of the second party is small.
Abstract: A password authenticated key exchange (PAKE) protocol allows two parties who share a memorable password to obtain a common shared cryptographic key. The central security requirement to such a protocol is that the password should not be subject to (offline) dictionary attack. Following the EKE proposed by Bellovin and Merritt in 1992 [1], many PAKE protocols have been proposed. In this paper we give a security analysis to an RSA-based PAKE protocol proposed in ISC’02 [12]. Our analysis shows that the protocol is subject to dictionary attack when the length of the ID of the second party is small; and therefore the security of the protocol is not related to the security parameters such as the size of the RSA modulo n or the length of the hash function. This violates the security definition of PAKE protocols. Previously well-designed PAKE protocols do not have this security flaw.

Patent
04 Apr 2003
TL;DR: In this paper, a password is held as part of authentication credentials on a secure media such as a smart card of a secure file and a user presents a PIN number which is different from the card which causes GINA or scripting module to unlock the secure module and extract the password.
Abstract: A password is held as part of authentication credentials on a secure media such as a smart card of a secure file. A user presents a PIN number which is different from the card which causes GINA or scripting module to unlock the secure module and extract the password. The password is presented to the operating system or an application to authenticate the user. The password may change without the user being aware of the new password. The GINA or scripting module recognises a change password request or screen and generates a new random password which is passed to the operating system or application and, if authenticated, stored as part of the authentication credentials.

Journal ArticleDOI
TL;DR: It is shown that all Peyravian and Zunic's, Tseng et al.
Abstract: In an internet environment, such as UNIX, a remote user has to obtain the access right from a server before doing any job. The procedure of obtaining access right is called a user authentication protocol. User authentication via user memorable password provides convenience without needing any auxiliary devices, such as smart card. A user authentication protocol via username and password should basically withstand the off-line password guessing attack, the stolen verifier attack, and the DoS attack. Recently, Peyravian and Zunic proposed one password transmission protocol and one password change protocol. Later, Tseng et al. (2001) pointed out that Peyravian and Zunic's protocols cannot withstand the off-line password guessing attack, and therefore proposed an improved protocol to defeat the attack. Independently, Hwang and Yeh also showed that Peyravian and Zunic's protocols suffer from some security flaws, and an improved protocol was also presented. In this paper, we show that both Peyravian and Zunic's protocols and Tseng et al.'s improved protocol are insecure against the stolen verifier attack. Moreover, we show that all Peyravian and Zunic's, Tseng et al.'s, and Hwang and Yeh's protocols are insecure against DoS attack.

Patent
20 Feb 2003
TL;DR: In this paper, an analysis of an initially assigned or known valid password is performed, and the nature of each character within the password is defined, i.e., a numeric character, a punctuation character, lower-case alphabetic character, or an upper-case alphabet character.
Abstract: Access to target data processing systems frequently requires a password to be submitted in conjunction with user identification. The required rules and syntax for such passwords may vary widely from system-to-system and the number and variety of systems makes password management difficult. An analysis of an initially assigned or known valid password is performed, and the nature of each character within the password is defined, i.e., a numeric character, a punctuation character, a lower-case alphabetic character, or an upper-case alphabetic character. Randomly generated characters of identical nature are then assigned to each position within the password to create a new password, which will comply with the specified rules and syntax for a particular target data processing system.

Patent
30 Sep 2003
TL;DR: In this article, a method and system for incorporating textual and audio material into a JPEG file (70) in a manner allowing both a photograph and the textual material to be stored as one unit and transferred as a unit was proposed.
Abstract: A method and system for incorporating textual and audio material into a JPEG file (70) in a manner allowing both a photograph and the textual material to be stored as one unit and transferred as one unit. The textual materials are stored in various photograph tag markers which become part of the JPEG file (70). The JPEG file (70) including the textual material can be transferred to an authorized user who could edit the file based upon password security. The textual materials can appear around any of the borders of the photographs or can be directly embedded into the photograph.

Journal ArticleDOI
TL;DR: Any adversary can intercept the request for changing the password sent by a legal user and modify it with a wrong password, so an improved version of their protected password changing scheme is proposed to help it out of the trouble.
Abstract: Recently, Tseng et al. proposed an improvement on Peyravian and Zunic's protected password transmission scheme and protected changing scheme to remove some security flaws. However, as we will point out in this paper, any adversary can intercept the request for changing the password sent by a legal user and modify it with a wrong password. Furthermore, we shall also propose an improved version of their protected password changing scheme to help it out of the trouble.

Posted Content
01 Jan 2003
TL;DR: This analysis shows that the AuthA protocol and its multiple modes of operation are provably secure under the computational Diffie-Hellman intractability assumption, in both the random-oracle and the ideal-cipher models.
Abstract: Password-based key exchange schemes are designed to provide entities communicating over a public network, and sharing a (short) password only, with a session key (e.g., the key is used for data integrity and/or confidentiality). The focus of the present paper is on the analysis of very efficient schemes that have been proposed to the IEEE P1363 Standard working group on password-based authenticated key-exchange methods, but for which actual security was an open problem. We analyze the AuthA key exchange scheme and give a complete proof of its security. Our analysis shows that the AuthA protocol and its multiple modes of operation are provably secure under the computational Diffie-Hellman intractability assumption, in both the random-oracle and the ideal-cipher models.

Patent
Tyron Jerrod Stading
12 Jun 2003
TL;DR: In this article, the authors propose to generate an alert password that is easier to crack than the user password in some cases. But they do not specify how to detect password attacks on the protected resources.
Abstract: Detecting attacks on secured computer resources, including gathering user security data for a user having a user password protecting resources on a computer system; generating an alert password that is easier to crack than the user password; and deploying the alert password on the computer system for use in detecting password attacks on the protected resources. Generating an alert password that is easier to crack than the user password in some embodiments further comprises: generating an alert password having a cracking difficulty; attempting to crack the alert password and the user password until one cracks; and if the user password cracks first, repeatedly carrying out the following steps so long as the user password continues to crack first: generating an alert password having a reduced cracking difficulty; and attempting to crack both the alert password having a reduced cracking difficulty and the user password until one cracks.

Patent
12 Dec 2003
TL;DR: In this article, the same user provides a key that is not easily able to be guessed by third parties, and the user also inputs a name of an application for which a password is desired.
Abstract: The generation of a unique password using a secret key and an application name is disclosed. Other passwords may be generated for other applications using the same key. A user provides a key that is not easily able to be guessed by third parties. The user also inputs a name of an application for which a password is desired. The system utilises the application name and the secret key to generate a unique password for that application, using standard encryption techniques. The system generates the same password for that application and secret key combination every time. Alternate embodiments generate a user identifier from the same secret key and application name.

Patent
Hiroshi Kazawa, Hiroyuki Oka
11 Aug 2003
TL;DR: In this article, a password registration unit registers the set password to data in a data group, and records this registration in a database table, which is used by a password authentication unit to determine whether the password inputted by the user matches the password set by the password setting unit, and informs a data list display unit of matching if the passwords match each other, while data assigned to data groups in which the passwords do not match are concealed from display.
Abstract: A password setting unit of a database system manages a password set by a user in a password management table. A password registration unit registers the set password to data in a data group, and records this registration in a data management table. A password authentication unit determines whether the password inputted by the user matches the password set by the password setting unit, and informs a data list display unit of matching if the passwords match each other. Then, the data list display unit displays a list of the data group with the data to which the passwords match, along with data unassigned with a data group, while data assigned to data groups in which the passwords do not match are concealed from display.

Patent
14 Apr 2003
TL;DR: In this article, the authors present a method for an authentication client, having been authenticated by an authentication server, to leverage the effects of that authentication to implement a new communications password.
Abstract: Disclosed are methods for an authentication client, having been authenticated by an authentication server, to leverage the effects of that authentication to implement a new communications password. The authentication client gets a new password from its user. From the new password and from information provided by the authentication server, the authentication client derives a "password verifier." The password verifier is then shared with the authentication server. The new password itself is never sent to the authentication server, and it is essentially impossible to derive the new password from the password verifier. The authentication client and the authentication server, in parallel, derive a new set of authentication and encryption security keys from the new password and from the password verifier, respectively. This process may be repeated to limit the amount of data sent using any one particular set of security keys and thus to limit the effectiveness of any statistical attacker.