Abstract
A password-based protocol for authenticated key exchange must provide security against attacks using low entropy of a memorable password. We propose a new password-based protocol for authenticated key exchange, EPA (Efficient Password-based protocol for Authenticated key exchange), which has smaller computational and communicational workloads than previously proposed protocols with the same security requirements. EPA is an asymmetric model in which each client has a password and the server has a password file. While the server's password file is compromised, the client's password is not directly exposed. However, if the adversary mounts an additional dictionary attack, he can obtain the client's password. By using a modified amplified password file, we construct EPA+, which is secure against dictionary attack and server impersonation even if the server's password file is compromised. © 2003 Springer-Verlag Berlin Heidelberg.
Cite
CITATION STYLE
Hwang, Y. H., Yum, D. H., & Lee, P. J. (2003). EPA: An efficient password-based protocol for authenticated key exchange. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2727 LNCS, pp. 452–463). https://doi.org/10.1007/3-540-45067-X_39
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
