Sciweavers

JOC
2007

Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication

13 years 11 months ago
Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication
In the security chain the weakest link is definitely the human one: human beings cannot remember long secrets and often resort to rather insecure solutions to keep track of their passwords or pass-phrases. For this reason it is very desirable to have protocols that do not require long passwords to guarantee security, even in the case in which exhaustive search is feasible. This is actually the goal of password-based key exchange protocols, secure against off-line dictionary attacks: two people share a password (possibly a very small one, say a 4-digit number), and after the protocol execution, they end up sharing a large secret session key (known to both of them, but nobody else). Then an adversary attacking the system should try several connections (on average 5000 for the above short password) in order to be able to get the correct password. Such a large number of erroneous connections can be prevented by various means. Our results can be highlighted as follows. First we define a n...
Dario Catalano, David Pointcheval, Thomas Pornin
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2007
Where JOC
Authors Dario Catalano, David Pointcheval, Thomas Pornin
Comments (0)