Secure sessions from weak secrets

Authors:
Bruce Christianson;Michael Roe;David Wheeler
Affiliations:
Computer Science Department, University of Hertfordshire, Hatfield;Microsoft Research Limited, Cambridge;Computer Laboratory, University of Cambridge, England
Venue:
Proceedings of the 11th international conference on Security Protocols
Year:
2003

Citing 9
Cited 3

Strong password-only authenticated key exchange

ACM SIGCOMM Computer Communication Review
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
To Whom am I Speaking?

Computer
Transactions Using Bets

Proceedings of the International Workshop on Security Protocols
Protocol Interactions and the Chosen Protocol Attack

Proceedings of the 5th International Workshop on Security Protocols
Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys

Proceedings of the 5th International Workshop on Security Protocols
Optimal authentication protocols resistant to password guessing attacks

CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Number theoretic attacks on secure password schemes

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy

Multi-channel key agreement using encrypted public key exchange

Proceedings of the 15th international conference on Security protocols
“Fair” authentication in pervasive computing

MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
Auditable anonymous delegation

ICISS'05 Proceedings of the First international conference on Information Systems Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Sometimes two parties who already share a weak secret k such as a password wish to share also a strong secret s such as a session key without revealing information about k to an active attacker. We assume that both parties can generate strong random numbers and forget secrets, and present new protocols for secure strong secret sharing, based on RSA, Diffie-Hellman, and El-Gamal. As well as being simpler and quicker than their predecessors, our protocols also have stronger security properties. In particular, our protocols make no cryptographic use of s and so do not impose subtle restrictions upon the use which is subsequently made of s by other protocols. Neither do we rely upon the existence of hash functions with serendipitous properties. In the course of presenting these protocols, we also consider how to frustrate some new types of cryptographic and system attack.