Cryptology ePrint Archive: Report 2012/120
Password Protected Smart Card and Memory Stick Authentication Against Off-line Dictionary Attacks
Abstract: We study the security requirements for
remote authentication with password protected smart card.
In recent years, several protocols for password-based authenticated key
exchange have been proposed. These protocols are used for the protection
of password based authentication between a client and a remote server.
In this paper, we will focus on the password based authentication between
a smart card owner and smart card via an untrusted card reader.
In a typical scenario, a smart card
owner inserts the smart card into an untrusted card reader and input
the password via the card reader in order for the smart card
to carry out the process of authentication with a remote server.
In this case, we want to guarantee that the card reader will not
be able to impersonate the card owner in future without the smart card
itself. Furthermore, the smart card could be stolen. If this happens,
we want the assurance that an adversary could not use the smart card
to impersonate the card owner even though
the sample space of passwords may be small enough to be enumerated by
an off-line adversary.
Category / Keywords: cryptographic protocols / password protocols
Date: received 3 Mar 2012, last revised 3 Mar 2012
Contact author: yonwang at uncc edu
Available format(s): PDF | BibTeX Citation
Version: 20120304:082602 (All versions of this report)
Short URL: ia.cr/2012/120
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]