Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks

Author

  • Barry Jaspan
Abstract

Password-based key-server protocols are susceptible to password chaining attacks, in which an enemy uses knowledge of a user's current password to learn all future passwords. As a result, the exposure of a single password effectively compromises all future communications by that user. The same protocols also tend to be vulnerable to dictionary attacks against user passwords. Bellovin and Merritt [1] presented a hybrid of symmetric- and public-key cryptography called Encrypted Key Exchange (EKE) that cleanly solves the dictionary attack problem. This paper presents an extension of their ideas called dual-workfactor encrypted key exchange that preserves EKE's strength against dictionary attacks but also efficiently prevents passive password-chaining attacks.

Similar resources

Encrypted key exchange: password-based protocols secure against dictionary attacks

Classical cryptographic protocols based on user chosen keys allow an attacker to mount password guessing attacks. We introduce a novel combination of asymmetric public key and symmetric secret key cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network. These protocols are secure against active attacks and have ...

Number Theoretic Attacks on Secure Password Schemes

Encrypted Key Exchange (EKE) [1, 2] allows two parties sharing a password to exchange authenticated information over an insecure network by using a combination of public and secret key cryptography. EKE promises security against active attacks and dictionary attacks. Other secure protocols have been proposed based on the use of randomized

Refinement and Extension of Encrypted Key

In their recent paper, "Encrypted Key Exchange: Password-based Protocols Secure Against Dictionary Attacks," Bellovin and Merritt propose a novel and elegant method for safeguarding weak passwords. This paper discusses a possible weakness in the proposed protocol, develops some enhancements and simplifications, and provides a security analysis of the resultant minimal EKE protocol. In addition,...

RFC 6124 The EAP - EKE Method

The Extensible Authentication Protocol (EAP) describes a framework that allows the use of multiple authentication mechanisms. This document defines an authentication mechanism for EAP called EAP-EKE, based on the Encrypted Key Exchange (EKE) protocol. This method provides mutual authentication through the use of a short, easy to remember password. Compared with other common authentication metho...

Analysing Password Protocol Security Against Off-line Dictionary Attacks

We study the security of password protocols against off-line dictionary attacks. In addition to the standard adversary abilities, we also consider further cryptographic advantages given to the adversary when considering the password protocol being instantiated with particular encryption schemes. We work with the applied pi calculus of Abadi and Fournet, in which the (new) adversary abilities ar...

Publication date: 1996