Extended Password Key Exchange Protocols Immune to Dictionary Attack

Extended Password Key Exchange Protocols Immune to Dictionary Attack (1997)

Cached

Download Links

by David P. Jablon

Citations:

BibTeX

@MISC{Jablon97extendedpassword,
    author = {David P. Jablon},
    title = { Extended Password Key Exchange Protocols Immune to Dictionary Attack},
    year = {1997}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S=g mod p. They perform a SPEKE exchange based on the shared secret S to derive ephemeral shared key K,. Bob chooses a random X and X sends g mod p. Alice computes K2=gxc mod p, and proves knowledge of {K,,K2/. Bob vervies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved pe$ormance over Bellovin & Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.

Citations

293	Encrypted key exchange: Password-based protocols secure against dictionary attacks - Bellovin, Merritt - 1992
117	Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password le compromise - Bellovin, Merritt - 1994
107	Protecting poorly chosen secrets from guessing attacks - Gong, Lomas, et al. - 1993
96	Fast key exchange with elliptic curve systems - Schroeppel, Orman, et al. - 1995
56	Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys - Lucks - 1997
51	Refinement and Extension of Encrypted Key Exchange - Steiner, Tsudik, et al. - 1995
51	On Diffie-Hellman key agreement with short exponents - Oorschot, Wiener - 1996
37	Number-Theoretic Attacks on Secure Password Schemes - Patel - 1997
35	Optimal Authentication Protocols Resistant to Password Guessing Attacks - Gong - 1995
30	Diffie-Hellman oracles - Maurer, Wolf
13	Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks - Jaspan - 1996
6	Cryptographic protocol for remote authentication - Bellovin, Merritt - 1995
2	working group, "IEEE P1363 Working Draft -- Standards for Public-key Cryptography", This document is currently available at: http://stdsbbs.ieee.org/1363 - P1363
2	Refinement and Extension of Encrypted Key Exchange", Operating Systems Review - Steiner, Tsudik, et al. - 1995
1	Cryptographic Apparatus and Method", U.S. Patent #4,200,770, April 29 - Hellman, Diffie, et al. - 1980
1	working group, "IEEE PI363 Working Draft -- Standards for Public-key Cryptography", This document is currently available at: http://stdsbbs.ieee.org/l363 [SO0951 - P1363 - 1995