Authenticated Key Exchange Secure against Dictionary Attacks

Bellare, Mihir; Pointcheval, David; Rogaway, Phillip

doi:10.1007/3-540-45539-6_11

Cited by 1,086 publications

(1,171 citation statements)

References 16 publications

Supporting

Mentioning

1,122

Contrasting

Unclassified

Order By: Relevance

“…More recently, two formal models for password-authenticated key exchange have been proposed: one by Bellare, Pointcheval, and Rogaway [3], based on [4,6] with extensions suggested by [21]; and a second by Boyko, MacKenzie, and Patel [10], following [2] with extensions given in [28]. While both models have their advantages, we choose to work in the first model and review the appropriate definitions in Section 2.…”

Section: Previous Workmentioning

confidence: 99%

“…Only recently have formal validations of security for specific protocols appeared [3,10,22]. However, these validations are not proofs in the standard model; [3] relies on ideal ciphers, while [10,22] rely on random oracles.…”

Section: Previous Workmentioning

confidence: 99%

“…The setting arising most often in practice -in which (human) users are only capable of storing "human-memorable" passwords (password-authenticated key exchange) -remains much less studied, though many heuristic protocols exist. Indeed, only recently have formal definitions of security for this setting appeared [3,10,22,17].…”

Section: Introductionmentioning

confidence: 99%

“…Many heuristic protocols have been proposed to solve this important problem. Only recently have formal validations of security (namely, proofs in the idealized random oracle and ideal cipher models) been given for specific constructions [3,10,22].Very recently, a construction based on general assumptions, secure in the standard model with human-memorable passwords, has been proposed by Goldreich and Lindell [17]. Their protocol requires no public parameters; unfortunately, it requires techniques from general multi-party computation which make it impractical.…”

mentioning

confidence: 99%

mentioning

confidence: 99%

See 4 more Smart Citations

Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

Katz

Ostrovsky²,

Yung

2001

Lecture Notes in Computer Science

316

248

View full text Add to dashboard Cite

Abstract. There has been much interest in password-authenticated keyexchange protocols which remain secure even when users choose passwords from a very small space of possible passwords (say, a dictionary of English words). Under this assumption, one must be careful to design protocols which cannot be broken using off-line dictionary attacks in which an adversary enumerates all possible passwords in an attempt to determine the correct one. Many heuristic protocols have been proposed to solve this important problem. Only recently have formal validations of security (namely, proofs in the idealized random oracle and ideal cipher models) been given for specific constructions [3,10,22].Very recently, a construction based on general assumptions, secure in the standard model with human-memorable passwords, has been proposed by Goldreich and Lindell [17]. Their protocol requires no public parameters; unfortunately, it requires techniques from general multi-party computation which make it impractical. Thus, [17] We show an efficient, 3-round, password-authenticated key exchange protocol with human-memorable passwords which is provably secure under the Decisional Diffie-Hellman assumption, yet requires only (roughly) 8 times more computation than "standard" Diffie-Hellman key exchange [14] (which provides no authentication at all). We assume public parameters available to all parties. We stress that we work in the standard model only, and do not require a "random oracle" assumption.

show abstract

Section: Previous Workmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

mentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

Katz

Ostrovsky²,

Yung

2001

Lecture Notes in Computer Science

316

248

View full text Add to dashboard Cite

show abstract

Symmetric Cryptography

2003

Security in Fixed and Wireless Networks

View full text Add to dashboard Cite

Overall Objectives PresentationCryptographic algorithms are the equivalent of locks, seals, security stamps and identification documents on the Internet. They are essential to protect our on-line bank transactions, credit cards, medical and personal information and to support e-commerce and e-government. They come in different flavors. Encryption algorithms are essential to protect sensitive information such as medical data, financial information and Personal Identification Numbers (PINs) from prying eyes. Digital signature algorithms (in combination with hash functions) replace hand-written signatures in electronic transactions. A similar role can be played by MAC algorithms. Identification protocols allow to securely verify the identity of the party at the other end of the line. Therefore, cryptology is a research area with a high strategic impact for industries, individuals, and for the society as a whole.

show abstract

References

2020

SCADA Security: Machine Learning Concepts for Intrusion Detection and Prevention

View full text Add to dashboard Cite

Authenticated Key Exchange Secure against Dictionary Attacks

Cited by 1,086 publications

References 16 publications

Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

Symmetric Cryptography

References

Contact Info

Product

Resources

About