• Corpus ID: 17307854

Secure Network Authentication with Password Identification

  title={Secure Network Authentication with Password Identification},
  author={Philip D. MacKenzie and R. P. Swaminathan},
A password authentication protocol called SNAPI is proposed for inclusion in the P1363a document. SNAPI provides mutual authentication between a client and server based solely on a password, and does not require the client to store any other information (except the code that runs the protocol). SNAPI is the rst protocol of this type that is provably secure against active adversaries (i.e., adversaries that can not only eavesdrop on communication, but also impersonate parties and replay messages… 

Figures from this paper

Server-assisted generation of a strong secret from a password

  • W. FordB. Kaliski
  • Computer Science, Mathematics
    Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000)
  • 2000
This work describes a credentials server model and supporting protocol that overcomes the vulnerability to exhaustive password guessing attack at the server, and provides for securely generating a strong secret from a weak secret (password) based on communications exchanges with two or more independent servers.

Security Analysis and Implementation of Password-based Cryptosystem

This dissertation would provide a detailed analysis of the proof of security for the SNAPI protocol and explain how to bootstrap a short secret into a secure strong secret.

One-Round Protocol for Two-Party Verifier-Based Password-Authenticated Key Exchange

This paper proposes a provably-secure verifier-based PAKE protocol well suited with the TLS protocol which requires only a single round, and provides forward secrecy, which is analyzed in the ideal hash model.

pwdArmor: Protecting Conventional Password-Based Authentications

pwdArmor is a framework for fortifying conventional password-based authentications that thwarts passive attacks and improves detection, by both users and servers, of man-in-the middle attacks.

Efficient Password-Based Authenticated Key Agreement Protocol

In this paper, we present a new password-based authenticated key agreement protocol called PAKA, which provides mutual authentication and key agreement over an insecure channel between two parties

Ultimate solution to authentication via memorable password

A new protocol called AMP, which allows the Di eHellman based key agreement and is actually superior to other related work in terms of e ciency and generalization features, is introduced.

Convenient decentralized authentication using passwords

The goal is to provide decentralized authentication that maintains the convenience and portability of passwords, while improving its assurances (especially against phishing), to provide a practical solution to the difficult problem of authenticating strangers on the Internet.

Ultimate Solution to Authentication via Memorable Password -contribution to the Ieee P1363 Study Group for Future Pkc Standards

A new password authentication and key agreement protocol called AMP is proposed in a provable manner that provides the password-veriier based authentication and the Diie-Hellman key agreement, securely and eeciently.

Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication

A generic password-based key exchange construction that admits a security proof assuming that these objects exist, and instantiate the general scheme with some concrete examples, such as the Diffie-Hellman function and the RSA function, but more interestingly the modular square-root function, which leads to the first scheme with security related to the integer factorization problem.

Authenticated Public Key Distribution Scheme Without Trusted Third Party

This paper proposes a simple and practical scheme for public key authentication without any trusted third party taking a short random value as a key to authenticate the exchanged public keys.



Number theoretic attacks on secure password schemes

  • Sarvar Patel
  • Computer Science, Mathematics
    Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097)
  • 1997
It is shown how randomized confounders cannot protect Direct Authentication Protocol and Secret Public Key Protocol versions of a secure password scheme from attacks, and why these attacks are possible against seemingly secure protocols and what is necessary to make secure protocols.

The Secure Remote Password Protocol

This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and has significantly improved performance over comparably strong extended methods that resist stolen-veri er attacks such as Augmented EKE or B-SPEKE.

Extended password key exchange protocols immune to dictionary attack

  • David P. Jablon
  • Computer Science, Mathematics
    Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
  • 1997
A new extension to further limit exposure to theft of a stored password-verifier is described, and it is applied to several protocols including the Simple Password Exponential Key Exchange (SPEKE).

Strong password-only authenticated key exchange

A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel

Refinement and extension of encrypted key exchange

This paper discusses a possible weakness in the proposed protocol, develops some enhancements and simplifications, and provides a security analysis of the resultant minimal EKE protocol, which yields a protocol with some interesting properties.

Protecting Poorly Chosen Secrets from Guessing Attacks

The basic idea is to ensure that data available to the attacker is sufficiently unpredictable to prevent an offline verification of whether a guess is successful or not and to examine protocols to detect vulnerabilities to such attacks.

The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin

An RSA-based signing scheme which combines essentially optimal efficiency with attractive security properties and a second scheme which maintains all of the above features and in addition provides message recovery is provided.

Entity Authentication and Key Distribution

This work provides the first formal treatment of entity authentication and authenticated key distribution appropriate to the distributed environment and presents a definition, protocol, and proof that the protocol meets its goal, assuming only the existence of a pseudorandom function.

Random oracles are practical: a paradigm for designing efficient protocols

It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.

Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys

  • S. Lucks
  • Computer Science, Mathematics
    Security Protocols Workshop
  • 1997
Bellovin and Merritt proposed “encrypted key exchange” (EKE) protocols, to frustrate key-guessing attacks, which requires the use of asymmetric cryptosystems and is based on encrypting the public key, using a symmetric cipher.