Efficient and secure password-based authentication protocols against guessing attacks

被引:9
|
作者
Kwon, T [1 ]
Song, J [1 ]
机构
[1] Yonsei Univ, Dept Comp Sci, Seoul 120749, South Korea
来源
COMPUTER COMMUNICATIONS | 1998年 / 21卷 / 09期
关键词
security; authentication; key exchange; cryptographic protocol; password;
D O I
10.1016/S0140-3664(98)00153-4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally. (C) 1998 Elsevier Science B.V.
引用
收藏
页码:853 / 861
页数:9
相关论文
共 50 条
  • [41] Authenticated key exchange protocols resistant to password guessing attacks
    Kwon, T
    Song, J
    IEE PROCEEDINGS-COMMUNICATIONS, 1998, 145 (05): : 304 - 308
  • [42] A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System
    Tian-Fu Lee
    I-Pin Chang
    Tsung-Hung Lin
    Ching-Cheng Wang
    Journal of Medical Systems, 2013, 37
  • [43] An efficient client–client password-based authentication scheme with provable security
    Mohammad Sabzinejad Farash
    Mahmoud Ahmadian Attari
    The Journal of Supercomputing, 2014, 70 : 1002 - 1022
  • [44] Secure key agreement protocols for three-party against guessing attacks
    Sun, HM
    Chen, BC
    Hwang, T
    JOURNAL OF SYSTEMS AND SOFTWARE, 2005, 75 (1-2) : 63 - 68
  • [45] Efficient and Strongly Secure Password-Based Server Aided Key Exchange
    Yoneyama, Kazuki
    PROGRESS IN CRYPTOLOGY - INDOCRYPT 2008, 2008, 5365 : 172 - 184
  • [46] Off-line password guessing attack on an efficient key agreement protocol for secure authentication
    Department of Computer Science and Engineering, Shanghai Jiao Tong University, No. 1954, Huashan Road, Shanghai 200030, China
    Int. J. Netw. Secur., 2006, 1 (35-38):
  • [47] A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System
    Lee, Tian-Fu
    Chang, I-Pin
    Lin, Tsung-Hung
    Wang, Ching-Cheng
    JOURNAL OF MEDICAL SYSTEMS, 2013, 37 (03)
  • [48] Cryptanalysis and Enhancement of a Password-Based Authentication Scheme
    Eldefrawy, Mohamed H.
    Al-Muhtadi, Jalal F.
    2015 IEEE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2015, : 548 - 551
  • [49] Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols
    Wang, Weijia
    Hu, Lei
    PROGRESS IN CRYPTOLOGY - INDOCRYPT 2006, PROCEEDINGS, 2006, 4329 : 118 - +
  • [50] Efficient and provably secure password-based group key agreement protocol
    Zheng, Ming-Hui
    Zhou, Hui-Hua
    Li, Jun
    Cui, Guo-Hua
    COMPUTER STANDARDS & INTERFACES, 2009, 31 (05) : 948 - 953
12345