Security and efficiency in authentication protocols resistant to password guessing attacks

Research output: Contribution to journalConference article

4 Citations (Scopus)

Abstract

Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. We propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.

Original languageEnglish
Pages (from-to)245-252
Number of pages8
JournalConference on Local Computer Networks
Publication statusPublished - 1997 Dec 1
EventProceedings of the 1997 22nd Conference on Local Computer Networks, LCN - Minneapolis, MN, USA
Duration: 1997 Nov 21997 Nov 5

Fingerprint

Authentication
Glossaries

All Science Journal Classification (ASJC) codes

  • Software
  • Electrical and Electronic Engineering

Cite this

@article{125ea96b8adf4109b42dbcfb308b2701,
title = "Security and efficiency in authentication protocols resistant to password guessing attacks",
abstract = "Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. We propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.",
author = "Taekyoung Kwon and Jooseok Song",
year = "1997",
month = "12",
day = "1",
language = "English",
pages = "245--252",
journal = "Conference on Local Computer Networks",
issn = "0742-1303",

}

TY - JOUR

T1 - Security and efficiency in authentication protocols resistant to password guessing attacks

AU - Kwon, Taekyoung

AU - Song, Jooseok

PY - 1997/12/1

Y1 - 1997/12/1

N2 - Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. We propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.

AB - Cryptographic protocols for authentication and key exchange are necessary for secure communications. Most protocols have assumed that a strong secret for authentication should be shared between communicating participants in the light of a threat of dictionary attacks. But a user-chosen weak secret, i.e. password, is typically used for authentication. Since most users want to use an easily memorizable password, which tends to be easy to guess, several authentication protocols that protect such a weak secret from password guessing attacks, have been developed. However, those security-oriented protocols are more expensive in terms of the number of random numbers, cipher operations, and protocol steps than the previous protocols which are not resistant to guessing attacks. We propose new authentication and key exchange protocols, which are efficient considerably in protecting a poorly-chosen weak secret from guessing attacks.

UR - http://www.scopus.com/inward/record.url?scp=0031340533&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0031340533&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:0031340533

SP - 245

EP - 252

JO - Conference on Local Computer Networks

JF - Conference on Local Computer Networks

SN - 0742-1303

ER -