Various types of attacks and solutions regarding secure remote user access over insecure networks

Authors:
Eun-Jun Yoon;Kee-Young Yoo
Affiliations:
Department of Computer Engineering, Kyungpook National University, Daegu, South Korea;Department of Computer Engineering, Kyungpook National University, Daegu, South Korea
Venue:
ICCSA'06 Proceedings of the 6th international conference on Computational Science and Its Applications - Volume Part I
Year:
2006

Citing 7
Cited 0

Strong password-only authenticated key exchange

ACM SIGCOMM Computer Communication Review
Public-key cryptography and password protocols

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Weaknesses of Lee-Li-Hwang's hash-based password authentication scheme

ACM SIGOPS Operating Systems Review
On the Security of Some Password Authentication Protocols

Informatica
Secure remote user access over insecure networks

Computer Communications
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

In 2005, Peyravian-Jeffries proposed secure password-based protocols for remote user authentication, password change, and session key establishment over insecure networks. These protocols, however, are still susceptible to a stolen-verifier attack. Accordingly, the current paper demonstrates the vulnerability of their protocols to a stolen-verifier attack and then, a simple solution to resolve such a problem is presented. In contrast to these protocols, the proposed solution can resist the stolen-verifier attack.