{"title":"Extended password key exchange protocols immune to dictionary attack","authors":"David P. Jablon","doi":"10.1109/ENABL.1997.630822","DOIUrl":null,"url":null,"abstract":"Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S=g/sup C/ mod p. They perform a SPEKE exchange based on the shared secret S to derive ephemeral shared key K/sub 1/. Bob chooses a random X and sends g/sup X/ mod p. Alice computes K=g/sup XC/ mod p, and proves knowledge of {K/sub 1/,K/sub 2/}. Bob verifies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. 
These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.","PeriodicalId":334410,"journal":{"name":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"172","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENABL.1997.630822","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 172
Abstract
Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password $C$ to Bob, who has a stored verifier $S$, where $S = g^{C} \bmod p$. They perform a SPEKE exchange based on the shared secret $S$ to derive ephemeral shared key $K_1$. Bob chooses a random $X$ and sends $g^{X} \bmod p$. Alice computes $K = g^{XC} \bmod p$, and proves knowledge of $\{K_1, K_2\}$. Bob verifies this result to confirm that Alice knows $C$. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.