CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Password authentication with insecure communication
Communications of the ACM
Secure password-based cipher suite for TLS
ACM Transactions on Information and System Security (TISSEC)
On the Length of Cryptographic Hash-Values Used in Identification Schemes
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Security proofs for an efficient password-based key exchange
Proceedings of the 10th ACM conference on Computer and communications security
The Grid 2: Blueprint for a New Computing Infrastructure
The Grid 2: Blueprint for a New Computing Infrastructure
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Secure password-based authenticated key exchange for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Forward secrecy in password-only key exchange protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Secure password-based authenticated key exchange for web services
SWS '04 Proceedings of the 2004 workshop on Secure web service
Provably secure password-based authentication in TLS
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
International Journal of Wireless and Mobile Computing
Strong password-based authentication in TLS using the three-party group Diffie Hellman protocol
International Journal of Security and Networks
Provably secure browser-based user-aware mutual authentication over TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Practical Password-Based Authenticated Key Exchange Protocol
Computational Intelligence and Security
Constant-Round Password-Based Authenticated Key Exchange Protocol for Dynamic Groups
Financial Cryptography and Data Security
Password-based authenticated key establishment for wireless group communications in an ad-hoc mode
International Journal of Communication Networks and Distributed Systems
Password-Authenticated Key Exchange between Clients in a Cross-Realm Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
A Modular Security Analysis of the TLS Handshake Protocol
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Hybrid Password-Based Authenticated Group Key Exchange
APWeb/WAIM '09 Proceedings of the Joint International Conferences on Advances in Data and Web Management
Password-based authenticated key distribution in the three-party setting with forward security
International Journal of Communication Networks and Distributed Systems
User-aware provably secure protocols for browser-based mutual authentication
International Journal of Applied Cryptography
Multi-factor password-authenticated key exchange
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
One-time-password-authenticated key exchange
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Multi-factor authenticated key exchange protocol in the three-party setting
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Gateway-oriented password-authenticated key exchange protocol with stronger security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Provably secure three-party password authenticated key exchange protocol in the standard model
Journal of Systems and Software
Modular security proofs for key agreement protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
On the security of some password-based key agreement schemes
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
On bluetooth repairing: key agreement based on symmetric-key cryptography
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
About the security of MTI/C0 and MQV
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Security analysis of KEA authenticated key exchange protocol
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Secure cross-realm C2C-PAKE protocol
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
One-Round protocol for two-party verifier-based password-authenticated key exchange
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Analysis of the SSH key exchange protocol
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Information Sciences: an International Journal
| Hi-index | 0.00 |
“Grid” technology enables complex interactions among computational and data resources; however, to be deployed in production computing environments “Grid” needs to implement additional security mechanisms. Recent compromises of user and server machines at Grid sites have resulted in a need for secure password-authentication key-exchange technologies. AuthA is an example of such a technology considered for standardization by the IEEE P1363.2 working group. Unfortunately in its current form AuthA does not achieve the notion of forward-secrecy in a provably-secure way nor does it allow a Grid user to log into his account using an un-trusted computer. This paper addresses this void by first proving that AuthA indeed achieves this goal, and then by modifying it in such a way that it is secure against attacks using captured user passwords or server data.