Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Secure Password-Based Authentication Protocol

Published byCameron Pierce Modified over 9 years ago

Similar presentations

Presentation on theme: "The Secure Password-Based Authentication Protocol"— Presentation transcript:

1 The Secure Password-Based Authentication Protocol
Jeong Yunkyoung

2 Contents Introduction Authentication over an untrusted network
Secure Password Authentication Previous Work EKE SRP PAK Future Study Reference

3 Introduction Techniques for user authentication
What a user knows (passwords, PINs) What a user is (voiceprint identification, retinal scanners) What a user has (ID cards, smartcards) The problem of password authentication protocol One party must somehow prove to another party that it knows some password P. telnet, Kerberos : insecure

4 Authentication over an untrusted network(1)
We want a password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network. Alice Bob Password=“sesame” The Internet

5 Authentication over an untrusted network(2)
Alice Bob Password=“sesame” K=3A82019B7CE8F1F9 The Internet

6 Secure Password Authentication
Remote user access If one of the entities is a user and the other is a server, then this can be seen as a problem in the area of remote user access. Goal: security without requiring the user to carry/remember anything except password BUT, Password is “weak” : “easily memorizable” “low entropy” “easily guessed” “drawn from a ‘small’ dictionary” Dictionary attack

7 Previous Work - EKE Encrypted Key Exchange
Steven M. Bellovin, Michael Merritt Notation

8 Previous Work - EKE Protocol (using RSA)
Both parites have cleartext versions of the shared password. Alice Bob K

9 Previous Work - SRP Secure Remote Password Protocol Thomas Wu Notation

10 Previous Work - SRP Protocol
To establish a password P with Steve, Carol picks a random salt s, and computes . Carol Steve

11 Previous Work - PAK Victor Boyko, Philip MacKenzie, Sarvar patel
P=rq+1 for some value r co-prime to q. g is a generator of a subgroup of of size q. The resulting session key is K. Alice Bob

12 Future Study Some effort is needed. My approach… Network is insecure.
PAP for using a short password. Don’t have cleartext version of the shared password. Less rounding. Using Diffie-Hellman and Hash,etc. Suggest efficient and secure password-based authentication protocol.

13 Reference S.M.Bellovin and M.Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In IEEE Security 92, pages S.M.Bellovin and M.Merritt. Augumented encrypted key exchange: Password-based protocols secure against dictionary attacks. In IEEE Security 92, pages T.Wu. The secure remote password protocol. In NDSS 98, pages V.Boyko, P.MacKenzie, and S.Patel. Provably-secure password authentication and key exchange using Diffie-Hellman. In EUROCRYPT2000 , PAGES P.MacKenzie and R.Swaminathan. Secure network authentication with password information. Manuscript.

Download ppt "The Secure Password-Based Authentication Protocol"

Similar presentations

TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.

TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.
1 Password-based authenticated key exchange Ravi Sandhu.

1 Password-based authenticated key exchange Ravi Sandhu.
KERBEROS www.unix.org.ua/orelly/networking/puis/ch19_06.htm.

KERBEROS
Pairwise Key Agreement in Broadcasting Networks - 2005.11.11 - Ik Rae Jeong.

Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.

SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.

1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
Key Exchange Using Passwords and Long Keys Vladimir Kolesnikov Charles Rackoff Comp. Sci. University of Toronto.

Key Exchange Using Passwords and Long Keys Vladimir Kolesnikov Charles Rackoff Comp. Sci. University of Toronto.
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science ©2002-2004 Matt.

Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.

1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Intro To Secure Comm. Exercise 2. Problem  You wish for your users to access a remote server via user and password.  All of the users have modems and.

Intro To Secure Comm. Exercise 2. Problem  You wish for your users to access a remote server via user and password.  All of the users have modems and.
1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,

1 Three-Party Encrypted Key Exchange Without Server Public-Keys C. L. Lin, H. M. Sun, M. Steiner, and T. Hwang IEEE COMMUNICATIONS LETTER, VOL. 5, NO.12,
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.

1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Network Security--- User Authentication and Key Agreement Protocols

Network Security--- User Authentication and Key Agreement Protocols

Similar presentations

Ads by Google