Password-only authenticated key establishment protocol without public key cryptography

C. S. Laih, L. Ding, Y. M. Huang

Research output: Contribution to journalArticlepeer-review

15 Citations (Scopus)

Abstract

A scenario in which a user and a server can authenticate each other and generate a strong session key through a symmetric cipher by their shared weak (low-entropy) password in an insecure channel is considered. Until now, designing a secure protocol in this scenario has been an open problem due to the offline dictionary attack. A protocol to resolve this problem is proposed. The idea is to ensure that people must participate to verify each guessed password in the offline dictionary attack. Therefore, this attack cannot succeed in a reasonable time for the proposed protocol.

Original languageEnglish
Pages (from-to)185-186
Number of pages2
JournalElectronics Letters
Volume41
Issue number4
DOIs
Publication statusPublished - 2005 Feb 17

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'Password-only authenticated key establishment protocol without public key cryptography'. Together they form a unique fingerprint.

Cite this