Sciweavers

Share
CIS
2005
Springer

On the Security of Some Password-Based Key Agreement Schemes

10 years 9 months ago
On the Security of Some Password-Based Key Agreement Schemes
In this paper we show that two potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon’s scheme, namely the first passwordbased key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suffer from one or both of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suffer from these two security vulnerabilities. Finally, we propose means to remove these security vulnerabilities.
Qiang Tang, Chris J. Mitchell
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where CIS
Authors Qiang Tang, Chris J. Mitchell
Comments (0)
books