2006
DOI: 10.1016/j.tcs.2005.11.038
|View full text |Cite
|
Sign up to set email alerts
|

Security analysis of a password-based authentication protocol proposed to IEEE 1363

Abstract: In recent years, several protocols for password-based authenticated key exchange have been proposed. These protocols aim to be secure even though the sample space of passwords may be small enough to be enumerated by an off-line adversary. In Eurocrypt 2000, Bellare, Pointcheval and Rogaway (BPR) presented a model and security definition for authenticated key exchange. They claimed that in the idealcipher model (random oracles), the two-flow protocol at the core of Encrypted Key Exchange (EKE) is secure. Bellar… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
22
0

Year Published

2008
2008
2019
2019

Publication Types

Select...
6
2

Relationship

1
7

Authors

Journals

citations
Cited by 31 publications
(22 citation statements)
references
References 17 publications
0
22
0
Order By: Relevance
“…Repeatedly generating random numbers from such a system can become a time bottleneck. The time bottleneck can be avoided in most computer applications by using pseudo-random numbers instead of random numbers [5]. A pseudo-random number generator deterministically generates a sequence of numbers by some computational process from an initial number, called a seed.…”
Section: Literature Reviewmentioning
confidence: 99%
“…Repeatedly generating random numbers from such a system can become a time bottleneck. The time bottleneck can be avoided in most computer applications by using pseudo-random numbers instead of random numbers [5]. A pseudo-random number generator deterministically generates a sequence of numbers by some computational process from an initial number, called a seed.…”
Section: Literature Reviewmentioning
confidence: 99%
“…This transmission of data [3] can be done based on two people present physically near to each other or present in different far away places. In such circumstances, authentication has been done by alternate means, like secret handshakes [4] or passwords [5]. The reality of these authentication techniques often failed to validate the identity when there are times of a distance is required.…”
Section: Introductionmentioning
confidence: 99%
“…Motivations. The past thirty years of research on password-only protocols have proved that it is incredibly difficult to get a single-factor protocol right [43,60], while the past twenty years of "break-fix-break-fix" cycle of smart-card-based password protocols have manifested designing a two-factor scheme can only be harder [33,34,40]. It remains an open problem to construct an efficient and secure two-factor protocol that can meet all the security goals (see Section 2 of [54]) and preserve all the desirable features such as user anonymity and repairability (see [34] for a comprehensive list of desirable features).…”
Section: Introductionmentioning
confidence: 99%