Abstract. Starting from algebraic properties that enable guessing lowentropy secrets, we formalize guessing rules for symbolic verification. The rules are suited for both off-line ...
We provide an effective procedure for deciding the existence of off-line guessing attacks on security protocols, for a bounded number of sessions. The procedure consists of a co...
Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, ...
We investigate the composition of protocols that share a common secret. This situation arises when users employ the same password on different services. More precisely we study w...
Recently, Yeh et al. proposed an improved password authenticated key exchange scheme (YSYCT scheme) which is secure against undetectable on-line password guessing attacks and prov...