{"title":"Security and efficiency in authentication protocols resistant to password guessing attacks","authors":"Taekyoung Kwon, Joo-Seok Song","doi":"10.1109/LCN.1997.630994","DOIUrl":null,"url":null,"abstract":"Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. The authors propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.","PeriodicalId":286255,"journal":{"name":"Proceedings of 22nd Annual Conference on Local Computer Networks","volume":"98 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 22nd Annual Conference on Local Computer Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LCN.1997.630994","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9
Abstract
Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. The authors propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
