Strong password-only authenticated key exchange
@article{Jablon1996StrongPA, title={Strong password-only authenticated key exchange}, author={David P. Jablon}, journal={Comput. Commun. Rev.}, year={1996}, volume={26}, pages={5-26} }
A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel using only a small password, without risk of offline dictionary attack. SPEKE and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are examined in light of both known and new attacks, along with sufficient preventive constraints. Although SPEKE and DH-EKE are similar, the constraints…
Figures and Tables from this paper
556 Citations
CA based password-only authenticated key exchange
- Computer Science, Mathematics2000 IEEE Workshop on SiGNAL PROCESSING SYSTEMS. SiPS 2000. Design and Implementation (Cat. No.00TH8528)
- 2000
Presents a secure password-only authenticated key exchange (PAKE) method, designed based on the features of linear and nonlinear group as well as non-group cellular automata (CA) based logic structure, which offers intruders a high order of complexity to gain knowledge of the key.
The Secure Remote Password Protocol
- Computer Science, MathematicsNDSS
- 1998
This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and has significantly improved performance over comparably strong extended methods that resist stolen-veri er attacks such as Augmented EKE or B-SPEKE.
Weaknesses of a Password-Authenticated Key Exchange Protocol between Clients with Different Passwords
- Computer Science, MathematicsACNS
- 2004
This paper points out that the proposed password-authenticated key exchange protocol is not secure, due to the choice of invalid parameters (say, subgroup generator), and shows in detail that, even with properly chosen parameters, the protocol has still some secure flaws.
Password-Based Authenticated Key Exchange
- Computer Science, MathematicsPublic Key Cryptography
- 2012
Authenticated Key Exchange protocols enable several parties to establish a shared cryptographically strong key over an insecure network using various authentication means, such as strong…
Provably Secure Threshold Password-Authenticated Key Exchange Extended Abstract
- Computer Science, Mathematics
- 2003
These are the first protocols which are provably secure in the standard model (i.e. no random oracles are used for the proof of security) and are reasonably efficient and implementable in practice.
Provably secure threshold password-authenticated key exchange
- Computer Science, MathematicsJ. Comput. Syst. Sci.
- 2003
Password-Authenticated Key Exchange between Clients with Different Passwords
- Computer Science, MathematicsICICS
- 2002
This paper proposes a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE).
Authenticated Key Exchange Secure against Dictionary Attacks
- Computer Science, MathematicsEUROCRYPT
- 2000
Correctness for the idea at the center of the Encrypted Key-Exchange protocol of Bellovin and Merritt is proved: it is proved security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.
Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman
- Computer Science, MathematicsEUROCRYPT
- 2000
This work presents a new protocol called PAK, which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries.
References
SHOWING 1-10 OF 21 REFERENCES
Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks
- Computer Science, MathematicsUSENIX Security Symposium
- 1996
This paper presents an extension of their ideas called dual-workfactor encrypted key exchange that preserves EKE's strength against dictionary attacks but also efficiently prevents passive password-chaining attacks.
Refinement and extension of encrypted key exchange
- Computer Science, MathematicsOPSR
- 1995
This paper discusses a possible weakness in the proposed protocol, develops some enhancements and simplifications, and provides a security analysis of the resultant minimal EKE protocol, which yields a protocol with some interesting properties.
Encrypted key exchange: password-based protocols secure against dictionary attacks
- Computer Science, MathematicsProceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
- 1992
A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise
- Computer Science, MathematicsCCS '93
- 1993
Two ways to accomplish EKE augmented so that hosts do not store cleartext passwords are shown, one using digital signatures and one that relies on a family of commutative one-way functions.
An attack on the Interlock Protocol when used for authentication
- Computer ScienceIEEE Trans. Inf. Theory
- 1994
The authors demonstrate that an active attacker can, at the cost of a timeout alarm, bypass the passwork exchange, and capture the passwords used.
Fortifying key negotiation schemes with poorly chosen passwords
- Computer Science
- 1994
Key exchange schemes such as Diffie Hellman are vulnerable to middleperson attacks, and thus are often augmented by means of shared secrets, which can be vulnerable to guessing attacks.
Authentication and authenticated key exchanges
- Computer Science, MathematicsDes. Codes Cryptogr.
- 1992
A simple, efficient protocol referred to as the station-to-station (STS) protocol is introduced, examined in detail, and considered in relation to existing protocols.
Protecting Poorly Chosen Secrets from Guessing Attacks
- Computer ScienceIEEE J. Sel. Areas Commun.
- 1993
The basic idea is to ensure that data available to the attacker is sufficiently unpredictable to prevent an offline verification of whether a guess is successful or not and to examine protocols to detect vulnerabilities to such attacks.
Optimal authentification protocols resistant to password guessing attacks
- Computer ScienceProceedings The Eighth IEEE Computer Security Foundations Workshop
- 1995
New protocols that are resistant to guessing attacks and also optimal in both messages and rounds are given, thus refuting the previous belief that protection against guessing attacks makes an authentification protocol inherently more expensive.
SPX: global authentication using public key certificates
- Computer ScienceProceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy
- 1991
SPX, a reference implementation of an open distributed authentication service architecture based on ISO Standard 9594-9/CCITT X.509 directory public key certificates and hierarchically organized…