EFFICIENT AND SECURE PASSWORD-BASED AUTHENTICATION PROTOCOLS AGAINST GUESSING ATTACKS

Authors
KWON T SONG J
Citation
T. Kwon et J. Song, EFFICIENT AND SECURE PASSWORD-BASED AUTHENTICATION PROTOCOLS AGAINST GUESSING ATTACKS, Computer communications, 21(9), 1998, pp. 853-861
Citations number
20
Categorie Soggetti
Computer Science Software Graphycs Programming","Computer Science Hardware & Architecture","Computer Science Information Systems","Computer Science Information Systems","Computer Science Hardware & Architecture","Computer Science Software Graphycs Programming
Journal title
Computer communicationsACNP
ISSN journal
01403664
Volume
21
Issue
9
Year of publication
1998
Pages
853 - 861
Database
ISI
SICI code
0140-3664(1998)21:9<853:EASPAP>2.0.ZU;2-J
Abstract
We propose authentication and key exchange protocols which are both ef ficient and secure against password guessing attacks. Conventional aut hentication protocols have assumed that a strong secret should be shar ed between communicating participants, in the light of a threat of gue ssing attacks. A cryptographically long secret would be favored for se curity reasons, but it is not suitable for users to remember. Recent p assword-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication cost s. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol fo rmally. (C) 1998 Elsevier Science B.V.