Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks
Barry Jaspan, Independent Consultant
Password-based key-server protocols are susceptible to password chaining attacks, in which an enemy uses knowledge of a user's current password to learn all future passwords. As a result, the exposure of a single password effectively compromises all future communications by that user. The same protocols also tend to be vulnerable to dictionary attacks against user passwords.
Bellovin and Merritt [BelMer92] presented a hybrid of symmetric- and public-key cryptography called Encrypted Key Exchange (EKE) that cleanly solves the dictionary attack problem. This paper presents an extension of their ideas called /dual-workfactor encrypted key exchange/ that preserves EKE's strength against dictionary attacks but also efficiently prevents passive password-chaining attacks.
author = {Barry Jaspan},
title = {Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks},
booktitle = {6th USENIX Security Symposium (USENIX Security 96)},
year = {1996},
address = {San Jose, CA},
url = {https://www.usenix.org/conference/6th-usenix-security-symposium/dual-workfactor-encrypted-key-exchange-efficiently},
publisher = {USENIX Association},
month = jul
}