Revision of AMP in IEEE P1363.2 and ISO/IEC 11770-4
Abstract
While preparing a full document of AMP (Authenticated key agreement via Memorable Passwords), we have found a small but significant security problem in the version currently being standardized in IEEE P1363.2 and ISO/IEC 11770-4. This document describes the problem and proposes substituting the earlier proposal AMP+ to resolve it.
Similar resources
Analysing and Patching SPEKE in ISO/IEC
Simple Password Exponential Key Exchange (SPEKE) is a well-known Password Authenticated Key Exchange (PAKE) protocol that has been used in Blackberry phones for secure messaging and Entrust’s TruePass end-to-end web products. It has also been included into international standards such as ISO/IEC 11770-4 and IEEE P1363.2. In this paper, we analyse the SPEKE protocol as specified in the ISO/IEC an...
On the security of some password-based key agreement protocols
In this paper we show that three potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon’s scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from some of these security vulnerabilities. We further show ...
On the Security of Some Password-Based Key Agreement Schemes
In this paper we show that two potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon’s scheme, namely the first password-based key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from one or both of these security vulnerabilities. We further s...
The SPEKE Protocol Revisited
The SPEKE protocol is commonly considered one of the classic Password Authenticated Key Exchange (PAKE) schemes. It has been included in international standards (particularly, ISO/IEC 11770-4 and IEEE 1363.2) and deployed in commercial products (e.g., Blackberry). We observe that the original SPEKE specification is subtly different from those defined in the ISO/IEC 11770-4 and IEEE 1363.2 stand...
Attacks on An ISO/IEC 11770-2 Key Establishment Protocol
Two possible types of attack (a replay attack and a type attack) on a key establishment protocol (mechanism 12) standardised in ISO/IEC 11770-2 are described and two solutions are proposed.