Number Theoretic Attacks on Secure Password Schemes
نویسنده
چکیده
Encrypted Key Exchange (EKE) [1, 2] allows two parties sharing a password to exchange authenticated information over an insecure network by using a combination of public and secret key cryptography. EKE promises security against active attacks and dictionary attacks. Other secure protocols have been proposed based on the use of randomized
منابع مشابه
Cryptanalysis of Tan's Improvement on a Password Authentication Scheme for Multi-server Environments
Smart cards have been applied on password authentication in recent years. A user can input his/her identity and password to require services from the remote server. There are various attacks through an insecure network to obtain a user’s information. Therefore, many schemes are proposed to guarantee secure communication. However, a lot of schemes are not secure. Recently, Tan proposed an improv...
متن کاملA Secure Hash-Based Strong-Password Authentication Scheme
Password authentication remains to be the most common form of user authentication. So far, many strong-password authentication schemes based on hash functions have been proposed, however, none is sufficiently secure and efficient. Based on the analysis of attacks against OSPA(Optimal Strong Password Authentication) protocol, we present a hash-based StrongPassword mutual Authentication Scheme (S...
متن کاملPassword-Based Group Key Exchange Secure Against Insider Guessing Attacks
Very recently, Byun and Lee suggested two provably secure group Diffie-Hellman key exchange protocols using n participant’s distinct passwords. Unfortunately, the schemes were found to be flawed by Tang and Chen. They presented two password guessing attacks such as off-line and undetectable on-line dictionary attacks by malicious insider attacker. In this paper, we present concrete countermeasu...
متن کاملA Secure Hash-Based Strong-Password Authentication Protocol Using One-Time Public-Key Cryptography
Secure communication is an important issue in networks and user authentication is a very important part of the security. Several strong-password authentication protocols have been introduced, but there is no fully secure authentication scheme that can resist all known attacks. We propose enhanced secure schemes with registration and login protocols, and add the “forget password” and password/ve...
متن کاملUser Authentication with Provable Security against Online Dictionary Attacks
Dictionary attacks are the best known threats on the password-based authentication schemes. Based on Reverse Turing Test (RTT), some usable and scalable authentication schemes are proposed to defeat online dictionary attacks mounted by automated programs. However it is found that these authentication schemes are vulnerable to various online dictionary attacks. In this paper, a practical decisio...
متن کامل