Efficient and secure password-based authentication protocols against guessing attacks

Research output: Contribution to journalArticle

15 Citations (Scopus)

Abstract

We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally.

Original languageEnglish
Pages (from-to)853-861
Number of pages9
JournalComputer Communications
Volume21
Issue number9
Publication statusPublished - 1998 Jul 1

Fingerprint

Authentication
Hash functions
Communication
Costs

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

@article{6158c230ee564b37a210cfd708e7fec9,
title = "Efficient and secure password-based authentication protocols against guessing attacks",
abstract = "We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally.",
author = "Taekyoung Kwon and Jooseok Song",
year = "1998",
month = "7",
day = "1",
language = "English",
volume = "21",
pages = "853--861",
journal = "Computer Communications",
issn = "0140-3664",
publisher = "Elsevier",
number = "9",

}

Efficient and secure password-based authentication protocols against guessing attacks. / Kwon, Taekyoung; Song, Jooseok.

In: Computer Communications, Vol. 21, No. 9, 01.07.1998, p. 853-861.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Efficient and secure password-based authentication protocols against guessing attacks

AU - Kwon, Taekyoung

AU - Song, Jooseok

PY - 1998/7/1

Y1 - 1998/7/1

N2 - We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally.

AB - We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally.

UR - http://www.scopus.com/inward/record.url?scp=0032115203&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0032115203&partnerID=8YFLogxK

M3 - Article

VL - 21

SP - 853

EP - 861

JO - Computer Communications

JF - Computer Communications

SN - 0140-3664

IS - 9

ER -