You are looking at a specific version 20050615:165954 of this paper.
See the latest version.
Paper 2005/141
Enhanced password-based key establishment protocol
Qiang Tang and Chris J. Mitchell
Abstract
In this paper we analyse a password-based authenticated key establishment protocol due to Laih, Ding and Huang, which enables a user to authenticate himself to a server and negotiate a shared session key. This protocol is also designed to guarantee that a human being is actually involved in an ongoing protocol execution. However we show that the protocol suffers from offline dictionary attacks. We propose an enhanced password-based authenticated key establishment protocol which is secure against offline dictionary attacks, and that possesses an additional feature guaranteeing that a user is involved in each protocol execution.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- key agreementpassword guessing attacksauthentication
- Contact author(s)
- qiang tang @ rhul ac uk
- History
- 2005-06-15: revised
- 2005-05-19: received
- See all versions
- Short URL
- https://ia.cr/2005/141
- License
-
CC BY