Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks
Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks.
- neke.pdf application/pdf 219 KB Download File
Also Published In
- Proceedings: 1992 IEEE Computer Society Symposium on Research in Security and Privacy, May 4-6, 1992
More About This Work
- Academic Units
- Computer Science
- Published Here
- June 28, 2010
Proceedings: 1992 IEEE Computer Society Symposium on Research in Security and Privacy, May 4-6, 1992, Oakland, California (Los Alamitos, Calif.: IEEE Computer Society Press, 1992), pp. 72-84.