Cryptanalysis of two password-authenticated key exchange protocols | |
Wan, ZG ; Wang, SH | |
2004 | |
关键词 | ATTACKS SCHEMES |
英文摘要 | Password-Authenticated Key Exchange (PAKE) protocols enable two or more parties to use human-memorable passwords for authentication and key exchange. Since the human-memorable passwords are vulnerable to off-line dictionary attacks, PAKE protocols should be very carefully designed to resist dictionary attacks. However, designing PAKE protocols against dictionary attacks proved to be quite tricky. In this paper, we analyze two PAKE protocols and show that they are subject to dictionary attacks. The analyzed protocols are EPA which was proposed in ACISP 2003 and AMP which is a contribution for P1363. Our attack is based on the small factors of the order of a large group Z(p)(*) (i.e., the DLP of subgroup attack), by which the secret password can be fully discovered. We intend to emphasize that our attack is valid since the protocols neither select secure parameter p nor check the order of received values for achieving good efficiency.; Computer Science, Information Systems; Computer Science, Theory & Methods; SCI(E); CPCI-S(ISTP); 6 |
语种 | 英语 |
出处 | SCI |
内容类型 | 其他 |
源URL | [http://hdl.handle.net/20.500.11897/400367] ![]() |
专题 | 数学科学学院 |
推荐引用方式 GB/T 7714 | Wan, ZG,Wang, SH. Cryptanalysis of two password-authenticated key exchange protocols. 2004-01-01. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论