Authentication and Key Agreement via Memorable Password

Proceedings of the Symposium on Network and Distributed System Security, NDSS 2001

Volumn , Issue , 2001, Pages

  Kwon, Taekyoung ^a  

^a NONE

Author keywords

[No Author keywords available]

Indexed keywords

ENTROPY; NETWORK SECURITY;

AUTHENTICATION AND KEY AGREEMENT PROTOCOLS; AUTHENTICATION AND KEY AGREEMENTS; COMPLEX PROBLEMS; DICTIONARY ATTACK; DIFFIE HELLMAN; KEY AGREEMENT; LOW ENTROPY; PASSWORD-AUTHENTICATION; VERIFIER-BASED; ZERO-KNOWLEDGE PROOFS;

AUTHENTICATION;

EID: 85180777204     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (39)

1. R. Anderson and T. Lomas, “Fortifying key negotiation schemes with poorly chosen passwords,” Electronics Letters, vol.30, no.13, pp.1040-1041, 1994
2. u ’s,” In Asiacrypt 96, 1996
3. M. Bellare and P. Rogaway, “Entity authentication and key distribution,” In CRYPTO 93, 1993
4. M. Bellare, R. Canetti, and H. Krawczyk, “A modular approach to the design and analysis of authentication and key exchange protocols,” In STOC, pp.419-428, 1998
5. M. Bellare, D. Pointcheval and P. Rogaway, “Authenticated key exchange secure against dictionary attack,” In Eurocrypt 00, 2000
6. M. Bellare and P. Rogaway, “The AuthA protocol for password-based authenticated key exchange,” 2000, available from http://www.cs.ucdavis.edu/ rogaway/papers/autha.ps
7. S. Bellovin and M. Merritt, “Encrypted key exchange: password-based protocols secure against dictionary attacks,” In IEEE Symposium on Research in Security and Privacy, pp. 72-84, 1992
8. S. Bellovin and M. Merritt, “Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password-file compromise,” In ACM Conference on Computer and Communications Security, pp. 244-250, 1993
9. M. Boyarsky, “Public-key cryptography and password protocols: the multi-user case,” In ACM Conference on Computer and Communications Security, 1999
10. V. Boyko, P. MacKenzie and S. Patel, “Provably secure password authenticated key exchange using Diffie-Hellman,” In Eurocrypt 00, 2000
11. P. Buhler, T. Eirich, M. Steiner and M. Waidner, “Secure Password-Based Cipher Suite for TLS,” In Network and Distributed System Security Symposium, February 2-4, 2000
12. D. Denning and G. Sacco, “Timestamps in key distribution protocols,” Communications of the ACM, vol.24, no.8, pp.533-536, 1981
13. W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, vol.22, no.6, pp.644-654, November 1976
14. Y. Ding and P. Hoster, “Undetectable on-line password guessing attacks,” ACM Operating Systems Review, vol.29, no.4, pp.77-86, October 1995
15. L. Gong, M. Lomas, R. Needham, and J. Saltzer, “Protecting poorly chosen secrets from guessing attacks,” IEEE Journal on Selected Areas in Communications, vol.11, no.5, pp.648-656, June 1993
16. L. Gong, “Optimal authentication protocols resistant to password guessing attacks,” In IEEE Computer Security Foundation Workshop, pp. 24-29, June 1995
17. S. Halevi and H. Krawczyk, “Public-key cryptography and password protocols,” In ACM Conference on Computer and Communications Security, 1998
18. D. Jablon, “Strong password-only authenticated key exchange,” ACM Computer Communications Review, vol.26, no.5, pp.5-26, 1996
19. D. Jablon, “Extended password key exchange protocols,” In WETICE Workshop on Enterprise Security, pp.248-255, 1997
20. T. Kwon and J. Song, “Efficient key exchange and authentication protocols protecting weak secrets,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol.E81-A, no.1, pp.156-163, January 1998
21. T. Kwon and J. Song, “Secure agreement scheme for gKk>q via password authentication,” Electronics Letters, vol.35, no.11, pp.892-893, 27th May 1999
22. T. Kwon, “Authentication and key agreement via memorable password,” 2000, available from http://eprint.iacr.org/2000/026
23. C. Lim and P. Lee, “A key recovery attack on discrete log-based schemes using a prime order subgroup,” In CRYPTO, pp.249-263, 1997
24. M. Lomas, L. Gong, J. Saltzer, and R. Needham, “Reducing risks from poorly chosen keys,” ACM Symposium on Operating System Principles, pp.14-18, 1989
25. S. Lucks, “Open key exchange: how to defeat dictionary attacks without encrypting public keys,” The Workshop on Security Protocols, April 7-9, 1997
26. P. MacKenzie and R. Swaminathan, “Secure network authentication with password identification,” 1999, available from http://grouper.ieee.org/groups/1363/StudyGroup/Passwd.html÷ MS
27. A. Menezes, P. van Oorschot and S. Van-stone, Handbook of applied cryptography, CRC Press,Inc., pp.517-518, 1997
28. P. van Oorschot and M. Wiener, “On Diffie-Hellman key agreement with short exponents,” In Eurocrypt 96, pp. 332-343, 1996
29. S. Patel, “Number theoretic attacks on secure password schemes,” In IEEE Symposium on Security and Privacy, 1997
30. R. Perlman and C. Kaufman, “Strong Password-Based Authentication Using Pseudorandom Moduli,” IETF Internet Draft, 2000, available from http://search.ietf.org/internetdrafts/draft-perlman-strongpass-00.txt
31. S. Pohlig and M. Hellman, “An improved al- (gorithm for computing logarithms over ø ù L * and its cryptographic significance,” IEEE Transactions on Information Theory, vol.24, no.1, pp.106-110, 1978
32. J. Pollard, “Monte Carlo methods for index computation GIHKJ L,” Mathematics of Computation, vol.32, pp.918-924, 1978
33. M. Roe, B. Christianson and D. Wheeler, “Secure sessions from weak secrets,” Technical report from University of Cambridge and University of Hertfordshire, 1998, available from http://www.ccsr.cam.ac.uk/techreports/tr4/index.html
34. C. Schnorr, “Efficient identification and signatures for smart cards,” In CRYPTO 89, pp.239-251, 1989
35. M. Steiner, G. Tsudik, and M. Waidner, “Refinement and extension of encrypted key exchange,” ACM Operating Systems Review, vol.29, no.3, pp.22-30, 1995
36. G. Tsudik and E. van Herreweghen, “Some remarks on protecting weak keys and poorly-chosen secrets from guessing attacks,” In IEEE Computer Security Foundation Workshop, pp.136-142, 1993
37. V. Voydock and S. Kent, “Security mechanisms in high-level network protocols,” Computing Surveys, vol.15, no.2, pp.135-171, June 1983
38. T. Wu, “Secure remote password protocol,” In Network and Distributed System Security Symposium, 1998
39. T. Wu, “A Real-World Analysis of Kerberos Password Security,” In Network and Distributed System Security Symposium, February 3-5, 1999