標題: | Secure authentication protocols resistant to guessing attacks |
作者: | Luo, Jia-Ning Shieh, Shiuhpyng Shen, Ji-Chiang 資訊工程學系 Department of Computer Science |
關鍵字: | network security;authentication;guessing attack;cryptography;protocol |
公開日期: | 1-九月-2006 |
摘要: | Users are normally authenticated via their passwords in computer systems. Since people tend to choose passwords that can be easily remembered, the systems are under the threat of guessing attacks. Many authentication and key distribution protocols have been proposed to protect user passwords from guessing attacks. However, these protocols either are limited to some specific environments or incur high computation and communication costs. In the paper, we first specify five common forms of guessing attacks, which are used to determine whether a protocol is vulnerable to those attacks. Based on these common forms, some guidelines are provided for developing secure protocols that can be used in both symmetric and asymmetric cryptosystems to defend against guessing attacks. Finally, we enhance the well-known authentication system Kerberos and propose two authentication and key distribution protocols, which are both resistant to guessing attacks. |
URI: | http://hdl.handle.net/11536/11895 |
ISSN: | 1016-2364 |
期刊: | JOURNAL OF INFORMATION SCIENCE AND ENGINEERING |
Volume: | 22 |
Issue: | 5 |
起始頁: | 1125 |
結束頁: | 1143 |
顯示於類別: | 期刊論文 |