Sciweavers

SRDS
1993
IEEE

Some Remarks on Protecting Weak Keys and Poorly-Chosen Secrets from Guessing Attacks

14 years 3 months ago
Some Remarks on Protecting Weak Keys and Poorly-Chosen Secrets from Guessing Attacks
Authentication and key distribution protocols that utilize weak secrets (such as passwords and PINs) are traditionally susceptible to guessing attacks whereby an adversary iterates through a relatively small key space and veri es the correct guess. Such attacks can be defeated by the use of public key encryption and careful protocol construction. In their recent work, Lomas et al. investigated this topic and developed a methodology for avoiding guessing attacks while incurring only moderate overhead. In this paper we discuss several issues concerning the proposed solution and suggest modi cations that remove some of the constraints (such as synchronized time and state retention by the server) and result in simpler and more e cient protocols.
Gene Tsudik, Els Van Herreweghen
Added 09 Aug 2010
Updated 09 Aug 2010
Type Conference
Year 1993
Where SRDS
Authors Gene Tsudik, Els Van Herreweghen
Comments (0)