Efficient and secure password-based authentication protocols against guessing attacks

被引:9
|
作者
Kwon, T [1 ]
Song, J [1 ]
机构
[1] Yonsei Univ, Dept Comp Sci, Seoul 120749, South Korea
来源
COMPUTER COMMUNICATIONS | 1998年 / 21卷 / 09期
关键词
security; authentication; key exchange; cryptographic protocol; password;
D O I
10.1016/S0140-3664(98)00153-4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally. (C) 1998 Elsevier Science B.V.
引用
收藏
页码:853 / 861
页数:9
相关论文
共 50 条
  • [41] A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System
    Lee, Tian-Fu
    Chang, I-Pin
    Lin, Tsung-Hung
    Wang, Ching-Cheng
    [J]. JOURNAL OF MEDICAL SYSTEMS, 2013, 37 (03)
  • [42] Cryptanalysis and Enhancement of a Password-Based Authentication Scheme
    Eldefrawy, Mohamed H.
    Al-Muhtadi, Jalal F.
    [J]. 2015 IEEE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2015, : 548 - 551
  • [43] Efficient and provably secure password-based group key agreement protocol
    Zheng, Ming-Hui
    Zhou, Hui-Hua
    Li, Jun
    Cui, Guo-Hua
    [J]. COMPUTER STANDARDS & INTERFACES, 2009, 31 (05) : 948 - 953
  • [44] Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols
    Wang, Weijia
    Hu, Lei
    [J]. PROGRESS IN CRYPTOLOGY - INDOCRYPT 2006, PROCEEDINGS, 2006, 4329 : 118 - +
  • [45] Efficient provably secure password-based explicit authenticated key agreement
    Ruan, Ou
    Kumar, Neeraj
    He, Debiao
    Lee, Jong-Hyouk
    [J]. PERVASIVE AND MOBILE COMPUTING, 2015, 24 : 50 - 60
  • [46] Password-based user authentication and key distribution protocols for client-server applications
    Yeh, HT
    Sun, HM
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2004, 72 (01) : 97 - 103
  • [47] A provably secure password-based anonymous authentication scheme for wireless body area networks
    Wei, Fushan
    Vijayakumar, P.
    Shen, Jian
    Zhang, Ruijie
    Li, Li
    [J]. COMPUTERS & ELECTRICAL ENGINEERING, 2018, 65 : 322 - 331
  • [48] Efficient password-based authentication and key exchange scheme preserving user privacy
    Chai, Zhenchuan
    Cao, Zhenfu
    Lu, Rongxing
    [J]. WIRELESS ALGORITHMS, SYSTEMS, AND APPLICATIONS, PROCEEDINGS, 2006, 4138 : 467 - 477
  • [49] Password-based authentication and the experiences of end users
    Ezugwu, Assumpta
    Ukwandu, Elochukwu
    Ugwu, Celestine
    Ezema, Modesta
    Olebara, Comfort
    Ndunagu, Juliana
    Ofusori, Lizzy
    Ome, Uchenna
    [J]. SCIENTIFIC AFRICAN, 2023, 21
  • [50] Indistinguishability and unextractablility of password-based authentication in blockchain
    Huang, Xinyi
    Zhang, Yuexin
    [J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2020, 112 : 561 - 566
12345