Corpus ID: 17307854

Secure Network Authentication with Password Identification

@inproceedings{MacKenzie1999SecureNA,
  title={Secure Network Authentication with Password Identification},
  author={P. MacKenzie and R. Swaminathan},
  year={1999}
}
A password authentication protocol called SNAPI is proposed for inclusion in the P1363a document. SNAPI provides mutual authentication between a client and server based solely on a password, and does not require the client to store any other information (except the code that runs the protocol). SNAPI is the first protocol of this type that is provably secure against active adversaries (i.e., adversaries that can not only eavesdrop on communication, but also impersonate parties and replay messages…
Server-assisted generation of a strong secret from a password
  • W. Ford, B. Kaliski
  • Computer Science
  • Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000)
  • 2000
TLDR
This work describes a credentials server model and supporting protocol that overcomes the vulnerability to exhaustive password guessing attack at the server, and provides for securely generating a strong secret from a weak secret (password) based on communications exchanges with two or more independent servers.
Security Analysis and Implementation of Password-based Cryptosystem
TLDR
This dissertation would provide a detailed analysis of the proof of security for the SNAPI protocol and explain how to bootstrap a short secret into a secure strong secret.
Ultimate Solution to Authentication via Memorable
Human-memorable password authentication is not easy to provide over insecure networks due to the low entropy of the password. Such a password is typically vulnerable to dictionary attacks. A…
One-Round Protocol for Two-Party Verifier-Based Password-Authenticated Key Exchange
TLDR
This paper proposes a provably-secure verifier-based PAKE protocol well suited with the TLS protocol which requires only a single round, and provides forward secrecy, which is analyzed in the ideal hash model.
pwdArmor: Protecting Conventional Password-Based Authentications
TLDR
pwdArmor is a framework for fortifying conventional password-based authentications that thwarts passive attacks and improves detection, by both users and servers, of man-in-the-middle attacks.
Efficient Password-Based Authenticated Key Agreement Protocol
In this paper, we present a new password-based authenticated key agreement protocol called PAKA, which provides mutual authentication and key agreement over an insecure channel between two parties…
Ultimate solution to authentication via memorable password
TLDR
A new protocol called AMP, which allows the Diffie-Hellman based key agreement and is actually superior to other related work in terms of efficiency and generalization features, is introduced.
Convenient decentralized authentication using passwords
TLDR
The goal is to provide decentralized authentication that maintains the convenience and portability of passwords, while improving its assurances (especially against phishing), to provide a practical solution to the difficult problem of authenticating strangers on the Internet.
Ultimate Solution to Authentication via Memorable Password - Contribution to the IEEE P1363 Study Group for Future PKC Standards
A new password authentication and key agreement protocol called AMP is proposed in a provable manner. Human-memorable password authentication is not easy to provide over insecure networks due to the…
Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication
TLDR
A generic password-based key exchange construction that admits a security proof assuming that these objects exist, and instantiate the general scheme with some concrete examples, such as the Diffie-Hellman function and the RSA function, but more interestingly the modular square-root function, which leads to the first scheme with security related to the integer factorization problem.

References

SHOWING 1-10 OF 26 REFERENCES
Number theoretic attacks on secure password schemes
  • Sarvar Patel
  • Computer Science
  • Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097)
  • 1997
TLDR
It is shown how randomized confounders cannot protect Direct Authentication Protocol and Secret Public Key Protocol versions of a secure password scheme from attacks, and why these attacks are possible against seemingly secure protocols and what is necessary to make secure protocols.
The Secure Remote Password Protocol
TLDR
This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and has significantly improved performance over comparably strong extended methods that resist stolen-verifier attacks such as Augmented EKE or B-SPEKE.
Extended password key exchange protocols immune to dictionary attack
  • David P. Jablon
  • Computer Science
  • Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
  • 1997
TLDR
A new extension to further limit exposure to theft of a stored password-verifier is described, and it is applied to several protocols including the Simple Password Exponential Key Exchange (SPEKE).
Strong password-only authenticated key exchange
A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel…
Encrypted key exchange: password-based protocols secure against dictionary attacks
  • S. Bellovin, Michael Merritt
  • Computer Science
  • Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1992
TLDR
A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allows two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
A Real-World Analysis of Kerberos Password Security
TLDR
The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP.
Refinement and extension of encrypted key exchange
TLDR
This paper discusses a possible weakness in the proposed protocol, develops some enhancements and simplifications, and provides a security analysis of the resultant minimal EKE protocol, which yields a protocol with some interesting properties.
A method for obtaining digital signatures and public-key cryptosystems
TLDR
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, so couriers or other secure means are not needed to transmit keys.
Protecting Poorly Chosen Secrets from Guessing Attacks
TLDR
The basic idea is to ensure that data available to the attacker is sufficiently unpredictable to prevent an offline verification of whether a guess is successful or not and to examine protocols to detect vulnerabilities to such attacks.
The Exact Security of Digital Signatures - How to Sign with RSA and Rabin
TLDR
An RSA-based signing scheme which combines essentially optimal efficiency with attractive security properties and a second scheme which maintains all of the above features and in addition provides message recovery is provided.