Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Public-key cryptography and password protocols
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Public-key cryptography and password protocols: the multi-user case
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Server-Assisted Generation of a Strong Secret from a Password
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys
Proceedings of the 5th International Workshop on Security Protocols
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
PDM: a new strong password-based protocol
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Network security: private communication in a public world, second edition
Network security: private communication in a public world, second edition
On diffie-hellman key agreement with short exponents
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Threshold Password-Authenticated Key Exchange
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Virtual Software Tokens - A Practical Way to Secure PKI Roaming
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
On the Difficulty of Protecting Private Keys in Software
ISC '02 Proceedings of the 5th International Conference on Information Security
Fortifying password authentication in integrated healthcare delivery systems
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Provably secure threshold password-authenticated key exchange
Journal of Computer and System Sciences
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
Strong password-based authentication in TLS using the three-party group Diffie Hellman protocol
International Journal of Security and Networks
A Secure Authenticated Key Exchange Protocol for Credential Services
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Provably secure threshold password-authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Secure applications of Pedersen's distributed key generation protocol
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
An efficient password-only two-server authenticated key exchange system
ICICS'07 Proceedings of the 9th international conference on Information and communications security
A secure dynamic identity based authentication protocol for multi-server architecture
Journal of Network and Computer Applications
J-PAKE: authenticated key exchange without PKI
Transactions on computational science XI
Password authenticated key exchange by juggling
Security'08 Proceedings of the 16th International conference on Security protocols
Password-protected secret sharing
Proceedings of the 18th ACM conference on Computer and communications security
An authentication and key exchange protocol for secure credential services
ISC'06 Proceedings of the 9th international conference on Information Security
Forward secure password-enabled PKI with instant revocation
EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Two-server password-only authenticated key exchange
Journal of Computer and System Sciences
Two-Server password-only authenticated key exchange
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Proofs for two-server password authentication
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Password-Based user authentication protocol for mobile environment
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
SSO password-based multi-server authentication protocol
International Journal of Communication Networks and Distributed Systems
Practical yet universally composable two-server password-authenticated secret sharing
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 18th ACM symposium on Access control models and technologies
Advanced remote user authentication protocol for multi-server architecture based on ECC
Journal of Information Security and Applications
| Hi-index | 0.00 |
Safe long-term storage of user private keys is a problem in client/server systems. The problem can be addressed with a roaming system that retrieves keys on demand from remote credential servers, using password authentication protocols that prevent password guessing attacks from the network. Ford and Kaliski's methods [11] use multiple servers to further prevent guessing attacks by an enemy that compromises all but one server. Their methods use a previously authenticated channel which requires client-stored keys and certificates, and may be vulnerable to offine guessing in server spoofing attacks when people must positively identify servers, but don't. We present a multi-server roaming protocol in a simpler model without this need for a prior secure channel. This system requires fewer security assumptions, improves performance with comparable cryptographic assumptions, and better handles human errors in password entry.