An identity-based key-exchange protocol
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
This paper describes secure password-based authentication involving a trusted third party, while the previous secure password authentication schemes focused on authentication involving two parties who shares the password. Kerberos is a well-known password-based authentication protocol involving a trusted third party. However, Kerberos is weak against the dictionary attack, suffers from a single point of failure. Additionally, Kerberos cannot provide a forward secrecy, which protects past sessions and further compromise, when a password is revealed. Our password authentication schemes provides Single Sign On like Kerberos and is secure against on/off-line dictionary attack. Moreover, The schemes provide a forward secrecy, and reduces the damage of the single point of failure.