Title :
A Password-Based Key Establishment Protocol with Symmetric Key Cryptography
Author :
Erguler, Imran ; Anarim, Emin
Author_Institution :
Nat. Res. Inst. of Electron. & Cryptology, TUBITAK-UEKAE Gebze, Gebze
Abstract :
In 2005, Laih, Ding and Huang proposed a password-based key establishment protocol such that a user and a server can authenticate each other and generate a strong session key by their shared weak password within a symmetric cipher in an insecure channel. In this protocol, a special function which is a combination of a picture function and a distortion function e.g. CAPTCHA, is combined to authenticate the user and protect the password from the dictionary attacks that are major threats for most of the weak password-based protocols. They claim that the proposed protocol is secure against some well known attacks. However Tang and Mitchell show that the protocol suffers from an offline dictionary attack requiring a machine-based search of size 223 which takes only about 2.3 hours. So designing such a protocol with providing practical security against offline attack is still an open problem. In this study, we introduce two password-based authenticated key establishment protocols that provide practical security against offline dictionary attacks by only using symmetric key cryptography.
Keywords :
cryptographic protocols; message authentication; private key cryptography; public key cryptography; CAPTCHA; authentication; distortion function; machine-based search; offline dictionary attack; password-based key establishment protocol; picture function; symmetric cipher; symmetric key cryptography; Authentication; Computer networks; Cryptographic protocols; Dictionaries; Humans; Mobile communication; Mobile computing; Power system security; Public key cryptography; Wireless application protocol; CAPTCHA; password-based authentication;
Conference_Titel :
Networking and Communications, 2008. WIMOB '08. IEEE International Conference on Wireless and Mobile Computing,
Conference_Location :
Avignon
Print_ISBN :
978-0-7695-3393-3
Electronic_ISBN :
978-0-7695-3393-3
DOI :
10.1109/WiMob.2008.112