On the Security of Some Password-Based Key Agreement Schemes

14 years 5 months ago

Download eprint.iacr.org

In this paper we show that two potential security vulnerabilities exist in the strong password-only authenticated key exchange scheme due to Jablon. Two standardised schemes based on Jablon’s scheme, namely the ﬁrst passwordbased key agreement mechanism in ISO/IEC FCD 11770-4 and the scheme BPKAS-SPEKE in IEEE P1363.2 also suﬀer from one or both of these security vulnerabilities. We further show that other password-based key agreement mechanisms, including those in ISO/IEC FCD 11770-4 and IEEE P1363.2, also suﬀer from these two security vulnerabilities. Finally, we propose means to remove these security vulnerabilities.

Qiang Tang, Chris J. Mitchell

Real-time Traffic

CIS 2005 | Key Agreement Mechanisms | Potential Security Vulnerabilities | Security Vulnerabilities |

claim paper

Post Info
More Details (n/a)

Added	26 Jun 2010
Updated	26 Jun 2010
Type	Conference
Year	2005
Where	CIS
Authors	Qiang Tang, Chris J. Mitchell

Comments (0)

Sciweavers

On the Security of Some Password-Based Key Agreement Schemes

CIS 2005 | Key Agreement Mechanisms | Potential Security Vulnerabilities | Security Vulnerabilities |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers