Secure authentication protocols resistant to guessing attacks

被引：0

作者：

Luo, Jia-Ning ^{[1
]}

Shieh, Shiuhpyng

Shen, Ji-Chiang

机构：

[1] Ming Chuan Univ, Dept Informat & Telecommun, Taoyuan 333, Taiwan

[2] Natl Chiao Tung Univ, Dept Comp Sci, Hsinchu 300, Taiwan

来源：

JOURNAL OF INFORMATION SCIENCE AND ENGINEERING | 2006年 / 22卷 / 05期

关键词：

network security; authentication; guessing attack; cryptography; protocol;

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Users are normally authenticated via their passwords in computer systems. Since people tend to choose passwords that can be easily remembered, the systems are under the threat of guessing attacks. Many authentication and key distribution protocols have been proposed to protect user passwords from guessing attacks. However, these protocols either are limited to some specific environments or incur high computation and communication costs. In the paper, we first specify five common forms of guessing attacks, which are used to determine whether a protocol is vulnerable to those attacks. Based on these common forms, some guidelines are provided for developing secure protocols that can be used in both symmetric and asymmetric cryptosystems to defend against guessing attacks. Finally, we enhance the well-known authentication system Kerberos and propose two authentication and key distribution protocols, which are both resistant to guessing attacks.

引用

页码：1125 / 1143

页数：19

共 50 条

[1] Security and efficiency in authentication protocols resistant to password guessing attacks
Kwon, T
Song, JS
[J]. LCN'97 - 22ND ANNUAL CONFERENCE ON LOCAL COMPUTER NETWORKS, PROCEEDINGS, 1997, : 245 - 252
[2] Efficient and secure password-based authentication protocols against guessing attacks
Kwon, T
Song, J
[J]. COMPUTER COMMUNICATIONS, 1998, 21 (09) : 853 - 861
[3] Efficient three-party authentication and key agreement protocols resistant to password guessing attacks
Yeh, HT
Sun, HM
Hwang, T
[J]. JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 2003, 19 (06) : 1059 - 1070
[4] Authenticated key exchange protocols resistant to password guessing attacks
Kwon, T
Song, J
[J]. IEE PROCEEDINGS-COMMUNICATIONS, 1998, 145 (05): : 304 - 308
[5] Secure key agreement protocols for three-party against guessing attacks
Sun, HM
Chen, BC
Hwang, T
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2005, 75 (1-2) : 63 - 68
[6] Secure authentication protocols to resist off-line attacks on authentication data table
Falmari, Vinod Ramesh
Brindha, M.
[J]. JOURNAL OF COMPUTER SECURITY, 2024, 32 (01) : 53 - 76
[7] High performance nonce-based authentication and key distribution protocols against password guessing attacks
Yen, SM
Liu, MT
[J]. IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 1997, E80A (11) : 2209 - 2217
[8] Validating attacks on authentication protocols
Hagalisletto, Anders Moen
[J]. 2007 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, VOLS 1-3, 2007, : 362 - 369
[9] A bound on attacks on authentication protocols
Stoller, SD
[J]. FOUNDATIONS OF INFORMATION TECHNOLOGY IN THE ERA OF NETWORK AND MOBILE COMPUTING, 2002, 96 : 588 - 600
[10] Errors in attacks on authentication protocols
Hagalisletto, Anders Moen
[J]. ARES 2007: SECOND INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY, PROCEEDINGS, 2007, : 223 - 229

← 1 2 3 4 5 →