Classical cryptographic protocols based on shared secret keys are often vulnerable to key-guessing attacks. For security, the keys must be strong and hence difficult for humans to memorize. Bellovin and Merritt [4] proposed “encrypted key exchange” (EKE) protocols to frustrate key-guessing attacks. EKE requires the use of asymmetric cryptosystems and is based on encrypting the public key, using a symmetric cipher. In this paper, a novel way of key exchange is presented, where public keys are sent openly, not encrypted. In contrast to EKE protocols, the same public-key/secret-key pair can be used for arbitrarily many protocol executions. The RSA-based protocol variant is found to be quite efficient and practical. Compared to previous work on such protocols, a more solid formal treatment is given, influenced by the work of Bellare and Rogaway [3] on key exchange protocols for strong common secrets.
Lucks, S. (1998). Open key exchange: How to defeat dictionary attacks without encrypting public keys. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1361, pp. 79–90). Springer Verlag. https://doi.org/10.1007/bfb0028161