One-Time Verifier-Based Encrypted Key Exchange
نویسندگان
چکیده
“Grid” technology enables complex interactions among computational and data resources; however, to be deployed in production computing environments “Grid” needs to implement additional security mechanisms. Recent compromises of user and server machines at Grid sites have resulted in a need for secure password-authentication key-exchange technologies. AuthA is an example of such a technology considered for standardization by the IEEE P1363.2 working group. Unfortunately in its current form AuthA does not achieve the notion of forward-secrecy in a provably-secure way nor does it allow a Grid user to log into his account using an un-trusted computer. This paper addresses this void by first proving that AuthA indeed achieves this goal, and then by modifying it in such a way that it is secure against attacks using captured user passwords or server data.
منابع مشابه
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
to anyone who doesn't already have it. Our goal is also to gracefully handle passwords of large-entropy too. When considering theft of a host-stored hashed-password database, large passwords still provide more security than small, but strong methods don't fall to network attack when password entropy is less than optimal. Strong password methods verify even small passwords over a network without...
متن کاملVerifier-based Password Authenticated 3P-EKE Protocol using PCLA Keys
This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle ...
متن کاملExtended Password Key Exchange Protocols Immune To Dictionary Attack - Enabling Technologies: Infrastructure for Collaborative Enterprises, 1997., Proceedings Sixth IEEE
Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a p...
متن کاملPrivate Key based query on encrypted data
Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted d...
متن کاملAttack on the Sun-Chen-Hwang's Three-Party Key Agreement Protocols Using Passwords
The possibility of secure password-authenticated key exchange was recognized in the work of Bellovin and Merritt [1], which shows how to bootstrap a high-entropy cryptographic key from a weak, low-entropy password. Due in large part to the practical significance of password-based authentication, this initial work has been extended to a number of settings, including a three-party model where an ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005