Server-assisted generation of a strong secret from a password

@article{Ford2000ServerassistedGO,
  title={Server-assisted generation of a strong secret from a password},
  author={Warwick S. Ford and Burton S. Kaliski},
  journal={Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000)},
  year={2000},
  pages={176-180}
}
  • W. Ford, B. Kaliski
  • Published 4 June 2000
  • Computer Science, Mathematics
  • Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000)
A roaming user, who accesses a network from different client terminals, can be supported by a credentials server that authenticates the user by password then assists in launching a secure environment for the user. However, traditional credentials server designs are vulnerable to exhaustive password guessing attack at the server. We describe a credentials server model and supporting protocol that overcomes that deficiency. The protocol provides for securely generating a strong secret from a…

Threshold password-authenticated key exchange: (Extended abstract)

TLDR
This paper proposes an efficient password-authenticated key exchange system involving a set of servers, in which a certain threshold of servers must participate in the authentication of a user, and in which the compromise of any fewer than that threshold does not allow an attacker to perform an offline dictionary attack.

Threshold Password-Authenticated Key Exchange

TLDR
This paper proposes an efficient password-authenticated key exchange system involving a set of servers with known public keys, in which a certain threshold of servers must participate in the authentication of a user, and in which the compromise of any fewer than that threshold of servers does not allow an attacker to perform an off-line dictionary attack.

Two-Server Password-Authenticated Secret Sharing UC-Secure Against Transient Corruptions

TLDR
The first TPASS protocol that is provably secure against adaptive server corruptions is provided, secure in the universal-composability model where servers can be corrupted adaptively at any time; the users’ passwords and secrets remain safe as long as both servers are not corrupted at the same time.

Two-server password-only authenticated key exchange

A Novel Two-Server Password Authentication Scheme with Provable Security

  • Dexin Yang, Bo Yang
  • Computer Science
    2010 10th IEEE International Conference on Computer and Information Technology
  • 2010
TLDR
A new efficient two-server password-only authenticated key exchange scheme is proposed which has lower computational complexity than the previous schemes in the literature and is particularly suitable for implementation in computational resource-restrained environments such as mobile and smart card applications.

Memento: How to Reconstruct Your Secrets from a Single Password in a Hostile Environment

TLDR
This work proposes the first t-out-of-n TPASS protocol for any n > t that does not suffer from this shortcoming and proves its protocol secure in the UC framework, which for the particular case of password-based protocols offers important advantages over property-based definitions.

Mitigating Server Breaches in Password-Based Authentication: Secure and Efficient Solutions

TLDR
These protocols rely on smooth projective hash functions and are proven secure under classical assumptions in the standard model, i.e., they do not require idealized assumptions such as random oracles.

Security Analysis of an ID-Based Two-Server Password-Authenticated Key Exchange

TLDR
An existing related-key attack to their scheme is pointed out so that when one server is corrupted, the adversary can subtly derive the fresh key shared by the remaining two honest parties to avoid this concern.

ID-Based Group Password-Authenticated Key Exchange

TLDR
A compiler is presented that transforms any group key exchange (KE) protocol which is secure against passive eavesdropping into a group PAKE which is secure against an active adversary who controls all communications in the network.

An Efficient Password-Only Two-Server Authenticated Key Exchange System

TLDR
The question that remains is whether it is possible to build a protocol which can significantly reduce the number of communication rounds without introducing additional security assumptions or computational complexity, and this paper gives an affirmative answer by proposing a very efficient protocol.

References

Secure Network Authentication with Password Identification

TLDR
The protocols described in this contribution are from the paper, Secure Network Authentication with Password Identification [MS], which is based on the security of RSA.

Secure Password-Based Protocol for Downloading a Private Key

TLDR
Protocols that allow Alice to be stateless, avoid denial-of-service attacks, allow for salt, and are minimal in computation and number of messages are presented.

Extended password key exchange protocols immune to dictionary attack

  • David P. Jablon
  • Computer Science, Mathematics
    Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
  • 1997
TLDR
A new extension to further limit exposure to theft of a stored password-verifier is described, and it is applied to several protocols including the Simple Password Exponential Key Exchange (SPEKE).

The Secure Remote Password Protocol

TLDR
This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and has significantly improved performance over comparably strong extended methods that resist stolen-verifier attacks such as Augmented EKE or B-SPEKE.

Strong password-only authenticated key exchange

A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel

Increasing Availability and Security of an Authentication Service

  • L. Gong
  • Computer Science
    IEEE J. Sel. Areas Commun.
  • 1993
TLDR
A general solution in which the authentication server is replicated so that a minority of malicious and colluding servers cannot compromise security or disrupt service is proposed.

Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise

TLDR
Two ways to accomplish EKE augmented so that hosts do not store cleartext passwords are shown, one using digital signatures and one that relies on a family of commutative one-way functions.

Protecting Poorly Chosen Secrets from Guessing Attacks

TLDR
The basic idea is to ensure that data available to the attacker is sufficiently unpredictable to prevent an offline verification of whether a guess is successful or not and to examine protocols to detect vulnerabilities to such attacks.

The Kerberos Network Authentication Service (V5)

TLDR
This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system, presently in production use at MIT's Project Athena, and at other Internet sites.

The TLS Protocol Version 1.0

TLDR
This document specifies Version 1.0 of the Transport Layer Security (TLS) protocol, which provides communications privacy over the Internet by allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.