Reducing risks from poorly chosen keys
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Public-key cryptography and password protocols
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Public-key cryptography and password protocols: the multi-user case
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys
Proceedings of the 5th International Workshop on Security Protocols
Key Agreement Protocols and Their Security Analysis
Proceedings of the 6th IMA International Conference on Cryptography and Coding
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Number theoretic attacks on secure password schemes
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Secure password-based cipher suite for TLS
ACM Transactions on Information and System Security (TISSEC)
Simple authenticated key agreement protocol resistant to password guessing attacks
ACM SIGOPS Operating Systems Review
Elliptic Curve Based Password Authenticated Key Exchange Protocols
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Securing Agent Based Architectures
EDCIS '02 Proceedings of the First International Conference on Engineering and Deployment of Cooperative Information Systems
Password Authentication Using Multiple Servers
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
More Efficient Password-Authenticated Key Exchange
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Password-Authenticated Key Exchange between Clients with Different Passwords
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Session-Key Generation Using Human Passwords Only
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Threshold Password-Authenticated Key Exchange
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Password-Authenticated Key Exchange Based on RSA
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proceedings of the 11th USENIX Security Symposium
ISC '01 Proceedings of the 4th International Conference on Information Security
Round-Optimal Contributory Conference Key Agreement
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks
ISC '02 Proceedings of the 5th International Conference on Information Security
Parallizable simple authenticated key agreement protocol
ACM SIGOPS Operating Systems Review
Security proofs for an efficient password-based key exchange
Proceedings of the 10th ACM conference on Computer and communications security
A secure and efficient strong-password authentication protocol
ACM SIGOPS Operating Systems Review
Password authenticated key exchange using hidden smooth subgroups
Proceedings of the 12th ACM conference on Computer and communications security
Fast dictionary attacks on passwords using time-space tradeoff
Proceedings of the 12th ACM conference on Computer and communications security
Designs, Codes and Cryptography
Provably secure password-based authentication in TLS
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Security analysis of a password-based authentication protocol proposed to IEEE 1363
Theoretical Computer Science
A framework for password-based authenticated key exchange1
ACM Transactions on Information and System Security (TISSEC)
Provably secure threshold password-authenticated key exchange
Journal of Computer and System Sciences
Neural Network Techniques for Proactive Password Checking
IEEE Transactions on Dependable and Secure Computing
Security flaws of remote user access over insecure networks
Computer Communications
Security weakness in a three-party pairing-based protocol for password authenticated key exchange
Information Sciences: an International Journal
Potential weaknesses of AuthA password-authenticated key agreement protocols
Computer Standards & Interfaces
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
EC2C-PAKA: An efficient client-to-client password-authenticated key agreement
Information Sciences: an International Journal
International Journal of Wireless and Mobile Computing
Strong password-based authentication in TLS using the three-party group Diffie Hellman protocol
International Journal of Security and Networks
Provably secure browser-based user-aware mutual authentication over TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Secure Password Authentication for Distributed Computing
Computational Intelligence and Security
Provably Secure N-Party Authenticated Key Exchange in the Multicast DPWA Setting
Information Security and Cryptology
Password Mistyping in Two-Factor-Authenticated Key Exchange
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Password-Authenticated Key Exchange between Clients in a Cross-Realm Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Efficient and Strongly Secure Password-Based Server Aided Key Exchange (Extended Abstract)
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Anonymous and Transparent Gateway-Based Password-Authenticated Key Exchange
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
A novel software key container in on-line media services
Computers and Electrical Engineering
Seeing-Is-Believing: using camera phones for human-verifiable authentication
International Journal of Security and Networks
Distributed Public-Key Cryptography from Weak Secrets
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Hidden credential retrieval from a reusable password
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Non-malleable extractors and symmetric key cryptography from weak secrets
Proceedings of the forty-first annual ACM symposium on Theory of computing
A New Client-to-Client Password-Authenticated Key Agreement Protocol
IWCC '09 Proceedings of the 2nd International Workshop on Coding and Cryptology
Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
User-aware provably secure protocols for browser-based mutual authentication
International Journal of Applied Cryptography
nPAKE+: a tree-based group password-authenticated key exchange protocol using different passwords
Journal of Computer Science and Technology
Efficient and secure authenticated key exchange using weak passwords
Journal of the ACM (JACM)
Secure remote user access over insecure networks
Computer Communications
Cryptanalysis of some improved password-authenticated key exchange schemes
Computer Communications
An off-line dictionary attack on a simple three-party key exchange protocol
IEEE Communications Letters
Password authenticated key exchange protocols among diverse network domains
Computers and Electrical Engineering
A comparative study of secure device pairing methods
Pervasive and Mobile Computing
Enhancement of two-factor authenticated key exchange protocols in public wireless LANs
Computers and Electrical Engineering
ID-Based Group Password-Authenticated Key Exchange
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
HPAKE: Password Authentication Secure against Cross-Site User Impersonation
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
On the Usability of Secure Association of Wireless Devices Based on Distance Bounding
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Smooth Projective Hashing and Password-Based Authenticated Key Exchange from Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Analysing Password Protocol Security Against Off-line Dictionary Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
Verifier-based password-authenticated key exchange protocol in cross-realm setting
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
EPA: an efficient password-based protocol for authenticated key exchange
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
(Password) authenticated key establishment: from 2-party to group
TCC'07 Proceedings of the 4th conference on Theory of cryptography
EAP using the split password-based authenticated key agreement
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Provably secure threshold password-authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A framework for password-based authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Forward secrecy in password-only key exchange protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
A scalable and secure cryptographic service
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
AAECC'07 Proceedings of the 17th international conference on Applied algebra, algebraic algorithms and error-correcting codes
nPAKE+: a hierarchical group password-authenticated key exchange protocol using different passwords
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Multi-factor authenticated key exchange
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Efficient two-party password-based key exchange protocols in the UC framework
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Repairing the bluetooth pairing protocol
Proceedings of the 13th international conference on Security protocols
Faster and shorter password-authenticated key exchange
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Key establishment protocols using environmental and physiological data in wireless sensor networks
International Journal of Sensor Networks
Guessing attacks and the computational soundness of static equivalence
Journal of Computer Security
Multi-factor password-authenticated key exchange
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Groupthink: usability of secure group association for wireless devices
Proceedings of the 12th ACM international conference on Ubiquitous computing
Proceedings of the 17th ACM conference on Computer and communications security
A new framework for efficient password-based authenticated key exchange
Proceedings of the 17th ACM conference on Computer and communications security
Survey: leakage resilience and the bounded retrieval model
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
Efficient indifferentiable hashing into ordinary elliptic curves
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Password-authenticated session-key generation on the internet in the plain model
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Estimating the size of the image of deterministic hash functions to elliptic curves
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Towards practical anonymous password authentication
Proceedings of the 26th Annual Computer Security Applications Conference
One-time-password-authenticated key exchange
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
An exquisite authentication scheme with key agreement preserving user anonymity
WISM'10 Proceedings of the 2010 international conference on Web information systems and mining
Federated secret handshakes with support for revocation
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Efficient password-based authenticated key exchange protocol in the UC framework
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
A smart card based authentication protocol for strong passwords
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Pairing devices for social interactions: a comparative usability evaluation
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Round-optimal password-based authenticated key exchange
TCC'11 Proceedings of the 8th conference on Theory of cryptography
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Secure in-band wireless pairing
SEC'11 Proceedings of the 20th USENIX conference on Security
Secure hash-based password authentication protocol using smartcards
ICCSA'11 Proceedings of the 2011 international conference on Computational science and Its applications - Volume Part V
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Usability of display-equipped RFID tags for security purposes
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
TW-KEAP: an efficient four-party key exchange protocol for end-to-end communications
Proceedings of the 4th international conference on Security of information and networks
A scalable password-based group key exchange protocol in the standard model
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Password based key exchange with mutual authentication
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Provably secure three-party password authenticated key exchange protocol in the standard model
Journal of Systems and Software
Security analysis of secure password authentication for keystroke dynamics
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Guessing attacks and the computational soundness of static equivalence
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Password-based group key exchange secure against insider guessing attacks
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Password-based encryption analyzed
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Interactive diffie-hellman assumptions with applications to password-based authentication
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Two-server password-only authenticated key exchange
Journal of Computer and System Sciences
Anonymous password-based authenticated key exchange
INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
Security analysis of password-authenticated key agreement protocols
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
An improvement on strong-password authentication protocols
ICESS'05 Proceedings of the Second international conference on Embedded Software and Systems
On bluetooth repairing: key agreement based on symmetric-key cryptography
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Efficient and provably secure client-to-client password-based key exchange protocol
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Various types of attacks and solutions regarding secure remote user access over insecure networks
ICCSA'06 Proceedings of the 6th international conference on Computational Science and Its Applications - Volume Part I
Mobile password system for enhancing usability-guaranteed security in mobile phone banking
HSI'05 Proceedings of the 3rd international conference on Human Society@Internet: web and Communication Technologies and Internet-Related Social Issues
One-Time verifier-based encrypted key exchange
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Password-Based authenticated key exchange in the three-party setting
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Two-Server password-only authenticated key exchange
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Strengthening password-based authentication protocols against online dictionary attacks
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
N-Party encrypted diffie-hellman key exchange using different passwords
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Simple password-based encrypted key exchange protocols
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Hard bits of the discrete log with applications to password authentication
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Proofs for two-server password authentication
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
The relationship between password-authenticated key exchange and other cryptographic primitives
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Secure password authentication for keystroke dynamics
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Key-exchange protocol using pre-agreed Session-ID
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Password-Based user authentication protocol for mobile environment
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
Gateway-oriented password-authenticated key exchange protocol in the standard model
Journal of Systems and Software
Ephemeral pairing on anonymous networks
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Secure remote authentication using biometric data
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Universally composable password-based key exchange
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Secure protected password change scheme
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Threshold password-based authenticated group key exchange in gateway-oriented setting
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Robust fuzzy extractors and authenticated key agreement from close secrets
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
An inter-domain key agreement protocol using weak passwords
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Secure cross-realm C2C-PAKE protocol
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
One-Round protocol for two-party verifier-based password-authenticated key exchange
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Provably-Secure two-round password-authenticated group key exchange in the standard model
IWSEC'06 Proceedings of the 1st international conference on Security
Efficient password-authenticated key exchange based on RSA
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Key exchange using passwords and long keys
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Constant-Round password-based group key generation for multi-layer ad-hoc networks
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
A provably secure authenticated key agreement protocol for wireless communications
Computers and Electrical Engineering
Password-Based authenticated key exchange
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Efficient password authenticated key exchange via oblivious transfer
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Sufficient condition for ephemeral key-leakage resilient tripartite key exchange
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Designing the API for a cryptographic library: a misuse-resistant application programming interface
Ada-Europe'12 Proceedings of the 17th Ada-Europe international conference on Reliable Software Technologies
Efficient password-based authenticated key exchange without public information
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Indifferentiable hashing to barreto---naehrig curves
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
Anonymous password-based key exchange with low resources consumption and better user-friendliness
Security and Communication Networks
Trusted launch of virtual machine instances in public iaas environments
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Secure SMS based automatic device pairing approach for mobile phones
ICIC'13 Proceedings of the 9th international conference on Intelligent Computing Theories and Technology
TrustID: trustworthy identities for untrusted mobile devices
Proceedings of the 4th ACM conference on Data and application security and privacy
Go anywhere: user-verifiable authentication over distance-free channel for mobile devices
Personal and Ubiquitous Computing
Review: A survey of secure protocols in Mobile IPv6
Journal of Network and Computer Applications
Composition of password-based protocols
Formal Methods in System Design
Can Jannie verify? Usability of display-equipped RFID tags for security purposes
Journal of Computer Security - Research in Computer Security and Privacy: Emerging Trends
| Hi-index | 0.00 |
When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who obtains this information may be able to run an off-line dictionary attack to determine the correct password. We present a new protocol called PAK which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. In addition to the PAK protocol that provides mutual explicit authentication, we also show a more efficient protocol called PPK that is provably secure in the implicit -authentication model. We then extend PAK to a protocol called PAK-X, in which one side (the client) stores a plaintext version of the password, while the other side (the server) only stores a verifier for the password. We formally prove security of PAK-X, even when the server is compromised. Our formal model for password-authenticated key exchange is new, and may be of independent interest.