Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack

Cited 1 time in webofscience Cited 2 time in scopus
  • Hit : 259
  • Download : 0
Password-based Authenticated Key Exchange (PAKE) allows a server to authenticate a user and to establish a session key shared between the server and the user just by having memorable passwords. In PAKE, conventionally the server is assumed to have the authentication functionality and also provide on-line services simultaneously. However, in the real-life applications, this may not be the case, and the authentication server may be separate from on-line service providers. In such a case, there is a problem that a malicious service provider with no authentication functionality may be able to guess the passwords by interacting with other participants repeatedly. Abdalla et al. put forward a notion of the server password protection security to deal with this problem. However, their proposed schemes turned out to be vulnerable to Undetectable On-line Dictionary Attack (UDonDA). To cope with this situation, we propose the Gateway Threshold PAKE provably secure against this password guessing attack by also taking the corruption of authentication servers into consideration.
Publisher
SciTePress
Issue Date
2015-07-20
Language
English
Citation

12th International Conference on Security and Cryptography, SECRYPT 2015, pp.39 - 52

DOI
10.5220/0005539300390052
URI
http://hdl.handle.net/10203/204665
Appears in Collection
CS-Conference Papers(학술회의논문)
Files in This Item
There are no files associated with this item.
This item is cited by other documents in WoS
⊙ Detail Information in WoSⓡ Click to see webofscience_button
⊙ Cited 1 items in WoS Click to see citing articles in records_button

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0