论文信息 - Password-based Authenticated Key Agreement Protocol Secure Against Advanced Modification Attack

Password-based Authenticated Key Agreement Protocol Secure Against Advanced Modification Attack

Password-based mechanism is widely used methods for user authentication. Password-based mechanisms are using memorable passwords(weak ferrets), therefore Password-based mechanism are vulnerable to the password guessing attack. To overcome this problem, man password-based authenticated key exchange protocols have been proposed to resist password guessing attacks. Recently, Seo-Sweeny proposed password-based Simple Authenticated Key Agreement(SAKA) protocol. In this paper, first, we will examine the SAKA and authenticated key agreement protocols, and then we will show that the proposed simple authenticated key agreement protocols are still insecure against Advanced Modification Attack. And we propose a password-based Simple Authenticated Key Agreement Protocol secure against Advanced Modification Attack.

[1] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[2] Steven M. Bellovin,et al. Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise , 1993, CCS '93.

[3] Peter Sweeney,et al. Simple authenticated key agreement algorithm , 1999 .

[4] Maurizio Kliban Boyarsky,et al. Public-key cryptography and password protocols: the multi-user case , 1999, CCS '99.

[5] Yuh-Min Tseng. Weakness in simple authenticated key agreement protocol , 2000 .

[6] Chin-Chen Chang,et al. Security enhancement for the "simple authentication key agreement algorithm" , 2000, Proceedings 24th Annual International Computer Software and Applications Conference. COMPSAC2000.

[7] Sheng-De Wang,et al. Cryptanalysis of modified authenticated key agreement protocol , 2000 .