Efficient and secure password-based authentication protocols against guessing attacks

被引:9
|
作者
Kwon, T [1 ]
Song, J [1 ]
机构
[1] Yonsei Univ, Dept Comp Sci, Seoul 120749, South Korea
来源
COMPUTER COMMUNICATIONS | 1998年 / 21卷 / 09期
关键词
security; authentication; key exchange; cryptographic protocol; password;
D O I
10.1016/S0140-3664(98)00153-4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally. (C) 1998 Elsevier Science B.V.
引用
收藏
页码:853 / 861
页数:9
相关论文
共 50 条
  • [1] Password-based group key exchange secure against insider guessing attacks
    Byun, JW
    Lee, DH
    Lim, J
    [J]. COMPUTATIONAL INTELLIGENCE AND SECURITY, PT 2, PROCEEDINGS, 2005, 3802 : 143 - 148
  • [2] Strengthening password-based authentication protocols against online dictionary attacks
    Wang, P
    Kim, Y
    Kher, V
    Kwon, T
    [J]. APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, PROCEEDINGS, 2005, 3531 : 17 - 32
  • [3] A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
    Jia-Lun Tsai
    Nai-Wei Lo
    Tzong-Chen Wu
    [J]. Wireless Personal Communications, 2013, 71 : 1977 - 1988
  • [4] A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
    Tsai, Jia-Lun
    Lo, Nai-Wei
    Wu, Tzong-Chen
    [J]. WIRELESS PERSONAL COMMUNICATIONS, 2013, 71 (03) : 1977 - 1988
  • [5] Secure authentication protocols resistant to guessing attacks
    Luo, Jia-Ning
    Shieh, Shiuhpyng
    Shen, Ji-Chiang
    [J]. JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2006, 22 (05) : 1125 - 1143
  • [6] Security and efficiency in authentication protocols resistant to password guessing attacks
    Kwon, T
    Song, JS
    [J]. LCN'97 - 22ND ANNUAL CONFERENCE ON LOCAL COMPUTER NETWORKS, PROCEEDINGS, 1997, : 245 - 252
  • [7] High performance nonce-based authentication and key distribution protocols against password guessing attacks
    Yen, SM
    Liu, MT
    [J]. IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 1997, E80A (11) : 2209 - 2217
  • [8] A provably secure and efficient two-party password-based explicit authenticated key exchange protocol resistance to password guessing attacks
    Farash, Mohammad Sabzinejad
    Islam, S. K. Hafizul
    Obaidat, Mohammad S.
    [J]. CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2015, 27 (17): : 4897 - 4913
  • [9] Password-based authentication: Preventing dictionary attacks
    Chakrabarti, Saikat
    Singhal, Mukesh
    [J]. COMPUTER, 2007, 40 (06) : 68 - +
  • [10] Mitigating Server Breaches in Password-Based Authentication: Secure and Efficient Solutions
    Blazy, Olivier
    Chevalier, Celine
    Vergnaud, Damien
    [J]. TOPICS IN CRYPTOLOGY - CT-RSA 2016, 2016, 9610 : 3 - 18
12345