A new protocol to counter online dictionary attacks

Computers and Security

Volumn 25, Issue 2, 2006, Pages 114-120

  Goyal, Vipul ^a,d   Kumar, Virendra ^a   Singh, Mayank ^a   Abraham, Ajith ^b,e,f   Sanyal, Sugata ^c  

^a BANARAS HINDU UNIVERSITY   (India)

^b Chung Ang University   (South Korea)

^c TATA INSTITUTE OF FUNDAMENTAL RESEARCH   (India)

^d OSP Global   (India)

^e Hybrid Intelligent Systems (HIS)

^f Intelligent Systems Design and Applications (ISDA)

Author keywords

Authentication; Cryptographic protocol; Hash functions; Online dictionary attacks; Passwords

Indexed keywords

AUTHENTICATION; CRYPTOGRAPHIC PROTOCOL; HASH FUNCTIONS; ONLINE DICTIONARY ATTACKS; PASSWORDS;

COMMUNICATION CHANNELS (INFORMATION THEORY); COMPUTATION THEORY; DATA MINING; NETWORK PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY;

COMPUTER CRIME;

EID: 33644781729     PISSN: 01674048     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cose.2005.09.003     Document Type: Article

References (15)

1. ANSI X9.30 (PART 2) American National Standard For Financial Services - public key cryptology using irreversible algorithms for the financial services industry - part 2: the secure hash algorithm (SHA) 1993 American Banker's Association ASC X9 Secretariat
2. Bellovin SM, Merritt M. Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of IEEE computer society symposium on research in security and privacy; May 1992. p. 72-84.
3. 2004 [accessed on October 08, 2004]
4. Goyal V. How to re-initialize a hash chain, Cryptology ePrint Archive, Report 2004/097. Available from: eprint.iacr.org ; 2004a.
5. Goyal V. Password based authentication without public key cryptography, manuscript; April 2004b.
6. V. Goyal, V. Kumar, M. Singh, A. Abraham, and S. Sanyal CompChall: addressing password guessing attacks IEEE international conference on information technology: coding and computing (ITCC'05) 2005 IEEE Computer Society USA 739 744
7. Hackers find new way to bilk eBay users CNET%20news.com March 25, 2002
8. Shai Halevi, and Hugo Krawczyk Public key cryptography and password protocols ACM Transaction on Information and System Security 2 3 August 1999 230 268
9. Klein DV. Foiling the cracker: a survey of, and improvements to password security. In: Proceedings of the second USENIX UNIX security workshop; 1990. p. 5-14.
10. L. Lamport Password authentication with insecure communication Communications of the ACM 24 1981 770 772
11. R. Morris, and K. Thompson Password security: a case history Communications of the ACM 22 11 November, 1979 594 597
12. Pinkas Benny, Sander Tomas. Securing passwords against dictionary attacks. In: Proceedings of the ninth ACM conference on computer and communications security; 2002.
13. Terry Ritter Salts Online article at http://www.ciphersbyritter.com/NEWS6/SALT.HTM
14. R. Rivest Can we eliminate certificate revocations lists? Financial cryptography LNCS 1998 Springer 178 183
15. Salt (cryptography), wikipedia, the free encyclopedia Available from: http://en.wikipedia.org/wiki/Salt_(cryptography)