Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
NDSS
1999
IEEE
1999
IEEE
Secure Password-Based Protocol for Downloading a Private Key
We present protocols that allow a user Alice, knowing only her name and password, and not carrying a smart card, to "log in to the network" from a "generic" workstation, i.e., one that has all the necessary software installed, but none of the configuration information usually assumed to be known a priori in a security scheme, such as Alice's public and private keys, her certificate, and the public keys of one or more CAs. By "logging in", we mean the workstation retrieves this information on behalf of the user. This would be straightforward if Alice had a cryptographically strong password. We propose protocols that are secure even if Alice's password is guessable. We concentrate on the initial retrieval of Alice's private key from some server Bob on the network. We discuss various protocols for doing this that avoid off-line password guessing attacks by someone eavesdropping or impersonating Alice or Bob. We discuss auditable vs. unauditabl...
Real-time TrafficRelated Content
| Added | 04 Aug 2010 |
| Updated | 04 Aug 2010 |
| Type | Conference |
| Year | 1999 |
| Where | NDSS |
| Authors | Radia J. Perlman, Charlie Kaufman |
Comments (0)
Researcher Info
|
