论文信息 - How to distinguish on-line dictionary attacks and password mis-typing in two-factor authentication

How to distinguish on-line dictionary attacks and password mis-typing in two-factor authentication

Authenticated Key Exchange (AKE) protocol is one of the ways for establishing secure channels between two parties where they authenticate each other and share a common session key. In particular, some AKE protocols using passwords and high-entropy secrets (i.e., two-factor AKE) are preferable since they provide stronger authentication than one-factor authentication. However, existing two-factor AKE protocols never equip ability to distinguish on-line dictionary attacks from other events, such as client's password mis-typing and communication errors. This problem submerges a critical symptom of high-entropy-secret-leakage (since without it adversaries cannot perform the on-line dictionary attacks) or it forces the users inconvenience by letting them change their passwords frequently to reset the entropy of it that might be guessed partially by the on-line dictionary attacks. In this paper, we propose two general methods to distinguish online dictionary attacks (performed by an attacker) from other harmless events in the two-factor AKE protocols.

SeongHan Shin | Kazukuni Kobara | Hideki Imai | Yasunori Onda

[1] Xiaotie Deng,et al. Two-factor mutual authentication based on smart cards and passwords , 2008, J. Comput. Syst. Sci..

[2] Sang Kyu Park,et al. Two Factor Authenticated Key Exchange (TAKE) Protocol in Public Wireless LANs , 2004 .

[3] SeongHan Shin,et al. An Efficient and Leakage-Resilient RSA-Based Authenticated Key Exchange Protocol with Tight Security Reduction , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[4] SeongHan Shin,et al. A Simple Leakage-Resilient Authenticated Key Establishment Protocol, Its Extensions, and Applications , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[5] Yasunori Iwanami,et al. A Study on Layered Turbo Codes on MIMO Channels , 2003 .

[6] SeongHan Shin,et al. Leakage-Resilient Authenticated Key Establishment Protocols , 2003, ASIACRYPT.

[7] Sugata Sanyal,et al. A new protocol to counter online dictionary attacks , 2006, Comput. Secur..

[8] Akihiro Shimizu,et al. Simple And Secure password authentication protocol, ver.2(SAS-2) (メディア工学) , 2002 .

[9] Wen-Shenq Juang,et al. Two efficient two-factor authenticated key exchange protocols in public wireless LANs , 2009, Comput. Electr. Eng..