DocumentCode :
2675814
Title :
Defending Secret-Key Based Authentication Protocols against the Stolen-Secret Attack
Author :
Sun, Hung-Min ; Wang, King-Hang
Author_Institution :
Dept. of Comput. Sci., Nat. Tsing Hua Univ., Hsinchu
fYear :
2008
fDate :
3-5 Aug. 2008
Firstpage :
385
Lastpage :
389
Abstract :
The security of a two-party authentication protocol relies on the stored secrets of each entity are not easily compromised by adversaries. However, in the real world, hackers can always divulge the stored secrets. In this paper, we introduce the concept of the stolen-secret attack and point out that all existing secret-key based authentication protocols and password based authentication protocols suffer from this attack. We also propose two methods that defend against the stolen-secret attack. Security proof and implementation analysis are given for both methods to illustrate their soundness and usefulness.
Keywords :
computer crime; message authentication; private key cryptography; hackers; password based authentication protocols; stolen-secret attack; two-party authentication protocol; Access protocols; Authentication; Computer security; Cryptographic protocols; File servers; National security; Public key; Public key cryptography; Resists; Smart cards;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
Type :
conf
DOI :
10.1109/ISECS.2008.36
Filename :
4606092
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2675814
بازگشت