Authenticated Key Exchange Secure Against Dictionary Attacks

Authenticated Key Exchange Secure Against Dictionary Attacks (2000)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Mihir Bellare , David Pointcheval , Phillip Rogaway

Citations:

252 - 32 self

BibTeX

@INPROCEEDINGS{Bellare00authenticatedkey,
    author = {Mihir Bellare and David Pointcheval and Phillip Rogaway},
    title = {Authenticated Key Exchange Secure Against Dictionary Attacks},
    booktitle = {},
    year = {2000},
    pages = {139--155},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. While several such protocols have been suggested, the underlying theory has been lagging. We begin by defining a model for this problem, one rich enough to deal with password guessing, forward secrecy, server compromise, and loss of session keys. The one model can be used to define various goals. We take AKE (with "implicit" authentication) as the "basic" goal, and we give definitions for it, and for entity-authentication goals as well. Then we prove correctness for the idea at the center of the Encrypted Key-Exchange (EKE) protocol of Bellovin and Merritt: we prove security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.

Citations

388	Entity authentication and key distribution - Bellare, Rogaway - 1994
293	Encrypted key exchange: Password-based protocols secure against dictionary attacks - Bellovin, Merritt - 1992
221	Timestamps in key distribution protocols - Denning, Sacco - 1981
193	A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract - Bellare, Canetti, et al. - 1998
185	Provably secure session key distribution---the three party case - Bellare, Rogaway - 1995
155	The secure remote password protocol - Wu - 1998
142	Strong password-only authenticated key exchange - Jablon - 1996
125	Provably secure password authenticated key exchange using Diffie-Hellman - Boyko, MacKenzie, et al. - 2000
117	Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password le compromise - Bellovin, Merritt - 1994
107	Protecting poorly chosen secrets from guessing attacks - Gong, Lomas, et al. - 1993
94	H.: Public-key cryptography and password protocols - Halevi, Krawczyk - 1999
56	Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys - Lucks - 1997
35	Extended Password Key Exchange Protocols Immune to Dictionary Attack - Jablon - 1997
28	Public-Key Cryptography and Password Protocols: The Multi-User Case - Boyarsky - 1999
26	Ciphers with Arbitrary Finite Domains - Black, Rogaway - 2002
24	Secure password-based cipher suite for TLS - Steiner, Buhler, et al.
13	Secure sessions from weak secrets - Roe, Wheeler - 1998
12	On Formal Models for Secure Key Exchange, Theory of Cryptography Library - Shoup - 1999
4	Secure Authentication with a Short Secret - MacKenzie, Swaminathan - 1999
4	encrypted key exchange: apassword-based protocol secure against dictionary attacks and password- le compromise - Bellovin, Merritt - 1993
3	private communication - Rackoff - 1995
1	Secure Authentication with a Short Secret. Manuscript. November 2 - MacKenzie, Swaminathan - 1999
1	private communication - Racko - 1995
1	Public-Key Cryptography andPassword Protocols: The Multi-User Case - Boyarsky - 1999