Practical security improvement of PKCS#5

Sanghoon Song, Taekyoung Kwon, Ki Song Yoon

Research output: Contribution to journalArticle

Abstract

A public key infrastructure (PKI) is being deployed in a field of network security. PKCS#5 is one of the most popular standards in PKI framework, intended for the practical implementation of password-based cryptography. So, the PKCS#5 encryption must be useful for general software applications within multimedia systems. However, it has a critical weak point in terms of security such as being vulnerable to off-line attacks due to the password-derived encryption key. In this paper, we observe a practical and simple method to improve security of the PKCS#5 encryption without modifying the installed base. The idea is to hide a salt by exploiting several existing schemes.

Original languageEnglish
Pages (from-to)869-876
Number of pages8
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2869
Publication statusPublished - 2003 Dec 1

Fingerprint

Encryption
Cryptography
Public Key Infrastructure
Password
Multimedia Systems
Network Security
Salt
Multimedia systems
Network security
Application programs
Attack
Software
Line
Salts
Standards
Framework

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

@article{456517b923e243f186497d90c35c31f4,
title = "Practical security improvement of PKCS#5",
abstract = "A public key infrastructure (PKI) is being deployed in a field of network security. PKCS#5 is one of the most popular standards in PKI framework, intended for the practical implementation of password-based cryptography. So, the PKCS#5 encryption must be useful for general software applications within multimedia systems. However, it has a critical weak point in terms of security such as being vulnerable to off-line attacks due to the password-derived encryption key. In this paper, we observe a practical and simple method to improve security of the PKCS#5 encryption without modifying the installed base. The idea is to hide a salt by exploiting several existing schemes.",
author = "Sanghoon Song and Taekyoung Kwon and Yoon, {Ki Song}",
year = "2003",
month = "12",
day = "1",
language = "English",
volume = "2869",
pages = "869--876",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Practical security improvement of PKCS#5

AU - Song, Sanghoon

AU - Kwon, Taekyoung

AU - Yoon, Ki Song

PY - 2003/12/1

Y1 - 2003/12/1

N2 - A public key infrastructure (PKI) is being deployed in a field of network security. PKCS#5 is one of the most popular standards in PKI framework, intended for the practical implementation of password-based cryptography. So, the PKCS#5 encryption must be useful for general software applications within multimedia systems. However, it has a critical weak point in terms of security such as being vulnerable to off-line attacks due to the password-derived encryption key. In this paper, we observe a practical and simple method to improve security of the PKCS#5 encryption without modifying the installed base. The idea is to hide a salt by exploiting several existing schemes.

AB - A public key infrastructure (PKI) is being deployed in a field of network security. PKCS#5 is one of the most popular standards in PKI framework, intended for the practical implementation of password-based cryptography. So, the PKCS#5 encryption must be useful for general software applications within multimedia systems. However, it has a critical weak point in terms of security such as being vulnerable to off-line attacks due to the password-derived encryption key. In this paper, we observe a practical and simple method to improve security of the PKCS#5 encryption without modifying the installed base. The idea is to hide a salt by exploiting several existing schemes.

UR - http://www.scopus.com/inward/record.url?scp=0142183961&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0142183961&partnerID=8YFLogxK

M3 - Article

VL - 2869

SP - 869

EP - 876

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -