DocumentCode
1244044
Title
Password-only authenticated key establishment protocol without public key cryptography
Author
Laih, C.S. ; Ding, Lixin ; Huang, Yuan
Author_Institution
Dept. of Electr. Eng., Nat. Cheng Kung Univ., Tainan, Taiwan
Volume
41
Issue
4
fYear
2005
Firstpage
185
Lastpage
186
Abstract
A scenario in which a user and a server can authenticate each other and generate a strong session key through a symmetric cipher by their shared weak (low-entropy) password in an insecure channel is considered. Until now, designing a secure protocol in this scenario has been an open problem due to the offline dictionary attack. A protocol to resolve this problem is proposed. The idea is to ensure that people must participate to verify each guessed password in the offline dictionary attack. Therefore, this attack cannot succeed in a reasonable time for the proposed protocol.
Keywords
authorisation; cryptography; message authentication; protocols; telecommunication security; authorisation; insecure channel; low entropy password; offline dictionary attack; password guessing; password only authenticated key establishment protocol; public key cryptography; secure protocol; symmetric cipher; symmetric cryptography; telecommunication security; weak password sharing;
fLanguage
English
Journal_Title
Electronics Letters
Publisher
iet
ISSN
0013-5194
Type
jour
DOI
10.1049/el:20057114
Filename
1397399
Link To Document