Efficient and secure password-based authentication protocols against guessing attacks

被引:9
|
作者
Kwon, T [1 ]
Song, J [1 ]
机构
[1] Yonsei Univ, Dept Comp Sci, Seoul 120749, South Korea
来源
COMPUTER COMMUNICATIONS | 1998年 / 21卷 / 09期
关键词
security; authentication; key exchange; cryptographic protocol; password;
D O I
10.1016/S0140-3664(98)00153-4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally. (C) 1998 Elsevier Science B.V.
引用
收藏
页码:853 / 861
页数:9
相关论文
共 50 条
  • [21] Composition of password-based protocols
    Chevalier, Celine
    Delaune, Stephanie
    Kremer, Steve
    Ryan, Mark D.
    FORMAL METHODS IN SYSTEM DESIGN, 2013, 43 (03) : 369 - 413
  • [22] Composition of password-based protocols
    Delaune, Stephanie
    Kremer, Steve
    Ryan, Mark
    CSF 2008: 21ST IEEE COMPUTER SECURITY FOUNDATIONS SYMPOSIUM, PROCEEDINGS, 2008, : 239 - +
  • [23] Password-based authentication and key distribution protocols with perfect forward secrecy
    Sun, Hung-Min
    Yeh, Her-Tyan
    JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 2006, 72 (06) : 1002 - 1011
  • [24] Composition of password-based protocols
    Céline Chevalier
    Stéphanie Delaune
    Steve Kremer
    Mark D. Ryan
    Formal Methods in System Design, 2013, 43 : 369 - 413
  • [25] Security analysis and improvement of the efficient password-based authentication protocol
    Kwon, T
    Park, YH
    Lee, HJ
    IEEE COMMUNICATIONS LETTERS, 2005, 9 (01) : 93 - 95
  • [26] Efficient Password-based Two Factors Authentication in Cloud Computing
    Yassin, Ali A.
    Jin, Hai
    Ibrahim, Ayad
    Qiang, Weizhong
    Zou, Deqing
    INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2012, 6 (02): : 143 - 148
  • [27] An improvement of the password-based authentication protocol (K1P) on security against replay attacks
    Kwon, T
    Kang, M
    Jung, S
    Song, J
    IEICE TRANSACTIONS ON COMMUNICATIONS, 1999, E82B (07) : 991 - 997
  • [28] How to Construct Secure and Efficient Three-Party Password-Based Authenticated Key Exchange Protocols
    Wang, Weijia
    Hu, Lei
    Li, Yong
    INFORMATION SECURITY AND CRYPTOLOGY, 2011, 6584 : 218 - +
  • [29] Securing Password in Static Password-based Authentication: A Review
    Mohamedali, Intisar A.
    Fadlalla, Yahia
    PROCEEDINGS OF 2017 SUDAN CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGY (SCCSIT), 2017, : 98 - 102
  • [30] Efficient and secure password-based authenticated key exchange protocol
    Wu, Shuhua
    Zhu, Yuefei
    2006 INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY, PTS 1 AND 2, PROCEEDINGS, 2006, : 1269 - 1272
12345