Title :
Efficient protocols secure against guessing and replay attacks
Author :
Keung, Stephen ; Siu, Kai-Yeung
Author_Institution :
Dept. of Electr. & Comput. Eng., California Univ., Irvine, CA, USA
Abstract :
To establish secure network communications, a common practice requires that users authenticate one another and establish a temporary session key based on their passwords. Since users often use passwords that are easy to remember, attackers can correctly guess the passwords simply by searching through a relatively small space of “weak” passwords. In this paper, we present a new set of efficient protocols that can establish secure communications while protecting passwords from any feasible guessing and replay attacks. Our protocols avoid the use of timestamps altogether and minimize the use of nonces (random numbers). We examine some common attacks to existing protocols, and show how our protocols can be secure against such attacks. Our protocols apply to both secure peer-to-peer and multicast communications
Keywords :
cryptography; message authentication; protocols; efficient protocols; multicast communications; nonces minimisation; password guessing; password protection; peer-to-peer communication; replay attacks; secure communications; Access protocols; Authentication; Computer networks; Cryptography; Data security; File servers; Multicast communication; Multicast protocols; Protection; Whales;
Conference_Titel :
Computer Communications and Networks, 1995. Proceedings., Fourth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
0-8186-7180-7
DOI :
10.1109/ICCCN.1995.540108
