Network security via private-key certificates
ACM SIGOPS Operating Systems Review
Lower bounds on messages and rounds for network authentication protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Encapsulation Security Protocol Design for Local Area Networks
LANSEC '89 Proceedings on the Workshop for European Institute for System Security on Local Area Network Security
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Simple authenticated key agreement protocol resistant to password guessing attacks
ACM SIGOPS Operating Systems Review
Weaknesses of Lee-Li-Hwang's hash-based password authentication scheme
ACM SIGOPS Operating Systems Review
Two simple attacks on Lin-Shen-Hwang's strong-password authentication protocol
ACM SIGOPS Operating Systems Review
Password-based user authentication and key distribution protocols for client-server applications
Journal of Systems and Software
Secure key agreement protocols for three-party against guessing attacks
Journal of Systems and Software - Special issue: Software engineering education and training
Efficient network authentication protocols: lower bounds and optimal implementations
Distributed Computing
Password-based authentication and key distribution protocols with perfect forward secrecy
Journal of Computer and System Sciences
A new security scheme for on-demand source routing in mobile ad hoc networks
IWCMC '07 Proceedings of the 2007 international conference on Wireless communications and mobile computing
Communication-efficient three-party protocols for authentication and key agreement
Computers & Mathematics with Applications
Security of RFID Protocols -- A Case Study
Electronic Notes in Theoretical Computer Science (ENTCS)
Password authenticated key exchange protocols among diverse network domains
Computers and Electrical Engineering
Token-based authenticated key establishment protocols for three-party communication
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
A secure on-demand source routing scheme using hierarchical clustering in mobile ad hoc networks
ISPA'07 Proceedings of the 2007 international conference on Frontiers of High Performance Computing and Networking
| Hi-index | 0.00 |
Abstract: To establish secure network communications, a common practice requires that users authenticate one another and establish a temporary session key based on their passwords. Since users often use passwords that are easy to remember, attackers can correctly guess the passwords simply by searching through a relatively small space of "weak" passwords. In this paper, we present a new set of efficient protocols that can establish secure communications while protecting passwords from any feasible guessing and replay attacks. Our protocols avoid the use of timestamps altogether and minimize the use of nonces (random numbers). We examine some common attacks to existing protocols, and show how our protocols can be secure against such attacks. Our protocols apply to both secure peer-to-peer and multicast communications.