Lai, David and Zhang, Zhongwei (2004) Integrated key exchange protocol capable of revealing spoofing and resisting dictionary attacks. In: 2nd International Conference, Applied Cryptography and Network Security ACNS 2004, 8-11 June 2004, Yellow Mountain, China.
PDF (Accepted Version)
[Abstract]: In this paper we propose a new verifier-based password authentication protocol using Dynamic Passwords. The protocol features mutual authentication, integrated session key exchange and is resistant to both dictionary attacks and replay attacks. It also reveals any successful spoofing. The protocol achieves these features by using one-way hash functions, symmetric encryption and two-part Dynamic Passwords. Dynamic Passwords break user passwords into two parts: a dynamic part and a static part. The dynamic part is similar to a one-time password, which can reveal to a legitimate user if any spoofing has occurred and makes the protocol more resistant to social engineering. The static part adds entropy to the password and makes the password more resistant to dictionary attacks. Due to the fact that verifiers are not plain-text equivalent to passwords and from which no meaningful information about passwords can be extracted, verifiers in contrast to passwords are stored in authentication servers. The protocol is most suitable for mobile users because no persistent data is stored on the user side.
|Item Type:||Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)|
|Additional Information:||No evidence of copyright restrictions.|
|Uncontrolled Keywords:||integrated key exchange, dynamic passwords, kerberos, dictionary attack, replay attack, revealing spoofing|
|Subjects:||280000 Information, Computing and Communication Sciences|
|Depositing User:||Mr David Lai|
|Date Deposited:||29 Sep 2009 02:08|
|Last Modified:||02 Jul 2013 23:23|
Actions (login required)
|Archive Repository Staff Only|