Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SP
1997
IEEE
1997
IEEE
Number Theoretic Attacks on Secure Password Schemes
Encrypted Key Exchange (EKE) [1, 2] allows two parties sharing a password to exchange authenticated information over an insecure network by using a combination of public and secret key cryptography. EKE promises security against active attacks and dictionary attacks. Other secure protocols have been proposed based on the use of randomized confounders [4, 7]. We use some basic results from number theory to present password guessing attacks on all versions of EKE discussed in the paper [1] and we also offer countermeasures to the attacks. However, for the RSA version of EKE, we show that simple modifications are not enough to rescue the protocol. Attacks are also presented on half encrypted versions of EKE. We also show how randomized confounders cannot protect Direct Authentication Protocol and Secret Public Key Protocol versions of a secure password scheme [4] from attacks. We discuss why these attacks are possible against seemingly secure protocols and what is necessary to make secur...
Real-time TrafficRelated Content
| Added | 26 Aug 2010 |
| Updated | 26 Aug 2010 |
| Type | Conference |
| Year | 1997 |
| Where | SP |
| Authors | Sarvar Patel |
Comments (0)
Researcher Info
|
