Reducing risks from poorly chosen keys
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Simple authenticated key agreement protocol resistant to password guessing attacks
ACM SIGOPS Operating Systems Review
An Adaptable and Reliable Authentication Protocol for Communication Networks
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
A secure one-time password authentication scheme using smart cards without limiting login times
ACM SIGOPS Operating Systems Review
A secure and efficient strong-password authentication protocol
ACM SIGOPS Operating Systems Review
Efficient verifier-based password-authenticated key exchange in the three-party setting
Computer Standards & Interfaces
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Computer Standards & Interfaces
Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)
Information Sciences: an International Journal
Improving the novel three-party encrypted key exchange protocol
Computer Standards & Interfaces
Enhanced Three-Round Smart Card-Based Key Exchange Protocol
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Highly Efficient Password-Based Three-Party Key Exchange in Random Oracle Model
PAISI, PACCF and SOCO '08 Proceedings of the IEEE ISI 2008 PAISI, PACCF, and SOCO international workshops on Intelligence and Security Informatics
Forward Secure Password-Based Authenticated Key Distribution in the Three-Party Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Enhanced password-based simple three-party key exchange protocol
Computers and Electrical Engineering
Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Efficient and Strongly Secure Password-Based Server Aided Key Exchange (Extended Abstract)
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Communication-efficient three-party protocols for authentication and key agreement
Computers & Mathematics with Applications
Password-based authenticated key distribution in the three-party setting with forward security
International Journal of Communication Networks and Distributed Systems
Cryptanalysis of two three-party encrypted key exchange protocols
Computer Standards & Interfaces
A Calculus to Detect Guessing Attacks
ISC '09 Proceedings of the 12th International Conference on Information Security
An efficient password authenticated key exchange protocol for imbalanced wireless networks
Computer Standards & Interfaces
Simple password-based three-party authenticated key exchange without server public keys
Information Sciences: an International Journal
Secure remote user authentication scheme using bilinear pairings
WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
A simple and efficient key exchange scheme against the smart card loss problem
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
A new key agreement protocol based on chaotic maps
KES-AMSTA'08 Proceedings of the 2nd KES International conference on Agent and multi-agent systems: technologies and applications
Key establishment protocols using environmental and physiological data in wireless sensor networks
International Journal of Sensor Networks
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
A communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Two robust remote user authentication protocols using smart cards
Journal of Systems and Software
Robust authentication and key agreement scheme preserving the privacy of secret key
Computer Communications
Limitations on design principles for public key protocols
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Cross-realm password-based server aided key exchange
WISA'10 Proceedings of the 11th international conference on Information security applications
An enhanced password authenticated key agreement protocol for wireless mobile network
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Rethinking about guessing attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Gateway-oriented password-authenticated key exchange protocol with stronger security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Improvement of Li-Hwang's biometrics-based remote user authentication scheme using smart cards
WSEAS TRANSACTIONS on COMMUNICATIONS
New multi-server password authentication scheme using neural networks
ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part II
Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Provably secure three-party password authenticated key exchange protocol in the standard model
Journal of Systems and Software
Password-based group key exchange secure against insider guessing attacks
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
An improved lu-cao's remote user authentication scheme using smart card
EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Security analysis of password-authenticated key agreement protocols
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
New authentication scheme based on a one-way hash function and diffie-hellman key exchange
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Decidability of Equivalence of Symbolic Derivations
Journal of Automated Reasoning
N-Party encrypted diffie-hellman key exchange using different passwords
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Secure password authentication for keystroke dynamics
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Gateway-oriented password-authenticated key exchange protocol in the standard model
Journal of Systems and Software
A formal approach for automated reasoning about off-line and undetectable on-line guessing
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
An inter-domain key agreement protocol using weak passwords
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Cryptanalysis of the n-party encrypted diffie-hellman key exchange using different passwords
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Constant-Round password-based group key generation for multi-layer ad-hoc networks
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Customizing protocol specifications for detecting resource exhaustion and guessing attacks
FMCO'10 Proceedings of the 9th international conference on Formal Methods for Components and Objects
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Tutorial: Efficient and secure password-based authentication protocols against guessing attacks
Computer Communications
Password-Based authenticated key exchange
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol
Information Sciences: an International Journal
Cryptanalysis of a three-party password-based authenticated key exchange protocol using Weil pairing
International Journal of Electronic Security and Digital Forensics
On the analysis and design of a family tree of smart card based user authentication schemes
UIC'07 Proceedings of the 4th international conference on Ubiquitous Intelligence and Computing
Provably secure three party encrypted key exchange scheme with explicit authentication
Information Sciences: an International Journal
A New Password-Based Multi-server Authentication Scheme Robust to Password Guessing Attacks
Wireless Personal Communications: An International Journal
The Journal of Supercomputing
An undetectable on-line password guessing attack on Nam et al.'s three-party key exchange protocol
Journal of Computational Methods in Sciences and Engineering
| Hi-index | 0.00 |
Several 3-party-based authentication protocols have been proposed, which are resistant to off-line password guessing attacks. We show that they are not resistant to a new type of attack called "undetectable on-line password guessing attack". The authentication server is not able to notice this kind of attack from the clients' (attacker's) requests, because they don't include enough information about the clients (or attacker). Either freshness or authenticity of these requests is not guaranteed. Thus the authentication server responses and leaks verifiable information for an attacker to verify his guess.