Error-tolerant password recovery
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Password Authentication Using Multiple Servers
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
On the Difficulty of Protecting Private Keys in Software
ISC '02 Proceedings of the 5th International Conference on Information Security
A Secure Distributed Search System
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
Automatic generation of two-party computations
Proceedings of the 10th ACM conference on Computer and communications security
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
Mechanisms for increasing the usability of grid security
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Fortifying password authentication in integrated healthcare delivery systems
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Provably secure threshold password-authenticated key exchange
Journal of Computer and System Sciences
On countering online dictionary attacks with login histories and humans-in-the-loop
ACM Transactions on Information and System Security (TISSEC)
PDM: a new strong password-based protocol
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
A new two-server approach for authentication with short secrets
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
PDM: a new strong password-based protocol
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
Proceedings of the 2007 ACM workshop on Digital identity management
ACM SIGACT News
International Journal of Applied Cryptography
Exploiting social networks for threshold signing: attack-resilience vs. availability
Proceedings of the 2008 ACM symposium on Information, computer and communications security
On the management of grid credentials
Proceedings of the 5th international workshop on Middleware for grid computing: held at the ACM/IFIP/USENIX 8th International Middleware Conference
A Secure Authenticated Key Exchange Protocol for Credential Services
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Hidden credential retrieval from a reusable password
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Securing medical records on smart phones
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
HPAKE: Password Authentication Secure against Cross-Site User Impersonation
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Oracle-Assisted Static Diffie-Hellman Is Easier Than Discrete Logarithms
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
An improvement of VeriSign's key roaming service protocol
ICWE'03 Proceedings of the 2003 international conference on Web engineering
Robust software tokens: yet another method for securing user's digital identity
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Provably secure threshold password-authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Secure applications of Pedersen's distributed key generation protocol
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
An efficient password-only two-server authenticated key exchange system
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Kamouflage: loss-resistant password management
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A secure dynamic identity based authentication protocol for multi-server architecture
Journal of Network and Computer Applications
J-PAKE: authenticated key exchange without PKI
Transactions on computational science XI
Password authenticated key exchange by juggling
Security'08 Proceedings of the 16th International conference on Security protocols
Password-protected secret sharing
Proceedings of the 18th ACM conference on Computer and communications security
An authentication and key exchange protocol for secure credential services
ISC'06 Proceedings of the 9th international conference on Information Security
Forward secure password-enabled PKI with instant revocation
EuroPKI 2006 Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice
Two-server password-only authenticated key exchange
Journal of Computer and System Sciences
Security analysis of a server-aided RSA key generation protocol
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Two-Server password-only authenticated key exchange
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Proofs for two-server password authentication
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Password-Based user authentication protocol for mobile environment
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
SSO password-based multi-server authentication protocol
International Journal of Communication Networks and Distributed Systems
A novel AES-256 implementation on FPGA using co-processor based architecture
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Practical yet universally composable two-server password-authenticated secret sharing
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 18th ACM symposium on Access control models and technologies
Single password authentication
Computer Networks: The International Journal of Computer and Telecommunications Networking
Flexible and scalable digital signatures in TPM 2.0
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Advanced remote user authentication protocol for multi-server architecture based on ECC
Journal of Information Security and Applications
| Hi-index | 0.00 |
A roaming user, who accesses a network from different client terminals, can be supported by a credentials server that authenticates the user by password then assists in launching a secure environment for the user. However, traditional credentials server designs are vulnerable to exhaustive password guessing attack at the server. We describe a new credentials server model and supporting protocol that overcomes that deficiency. The protocol provides for securely generating a strong secret from a weak secret (password), based on communications exchanges with two or more independent servers. The result can be leveraged in various ways, for example, the strong secret can be used to decrypt an encrypted private key or it can be used in strongly authenticating to an application server. The protocol has the properties that a would-be attacker cannot feasibly compute the strong secret and has only a limited opportunity to guess the password, even if he or she has access to all messages and has control over some, but not all, of the servers.