Title :
RSA-based Password-Authenticated Key Retrieval using multiple servers
Author :
SeongHan Shin ; Kobara, Kazukuni
Author_Institution :
Res. Inst. for Secure Syst. (RISEC), Nat. Inst. of Ind. Sci. & Technol. (AIST), Tsukuba, Japan
Abstract :
A PAKR (Password-Authenticated Key Retrieval) protocol and its multi-server system allow one party (say, a client), who has a rememberable password, to retrieve a long-term static key in an exchange of messages with at least one other party (say, a server) that has a private key. In this paper, we propose an RSA-based PAKR (for short, RSA-PAKR) protocol using multiple (n) servers, and then show that the RSA-PAKR protocol provides security of passwords and static keys against an attacker who takes full control of n - 1 servers. Several aspects of the RSA-PAKR protocol and its extension (including efficiency improvements, an implementation issue and an extension for distinguishing on-line dictionary attacks) are then discussed.
Keywords :
cryptographic protocols; message authentication; PAKR protocol; RSA-PAKR protocol; RSA-based password-authenticated key retrieval protocol; long term static key; multiserver system; on-line dictionary attacks; Dictionaries; Nickel; Protocols; Public key; Servers; Silicon; Password; RSA; authentication; key retrieval; on-line/off-line dictionary attacks; server compromise;
Conference_Title :
Internet Security (WorldCIS), 2013 World Congress on
Conference_Location :
London
DOI :
10.1109/WorldCIS.2013.6751027