...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEICE Transactions on fundamentals of electronics, communications & computer sciences >Security Analysis of Two Augmented Password-Authenticated Key Exchange Protocols
【24h】

Security Analysis of Two Augmented Password-Authenticated Key Exchange Protocols

机译:两种增强的密码授权密钥交换协议的安全性分析

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

An augmented PAKE (Password-Authenticated Key Exchange) protocol is said to be secure against server-compromise impersonation attacks if an attacker who obtained password verification data from a server cannot impersonate a client without performing off-line dictionary attacks on the password verification data. There are two augmented PAKE protocols where the first one [12] was proposed in the IEEE Communications Letters and the second one [15] was submitted to the IEEE P1363.2 standard working group [9], In this paper, we show that these two augmented PAKE protocols [12], [15] (claimed to be secure) are actually insecure against server-compromise impersonation attacks. More specifically, we present generic server-compromise impersonation attacks on these augmented PAKE protocols [12],[15].
机译:如果从服务器获取密码验证数据的攻击者无法在不对密码验证数据执行脱机字典攻击的情况下模拟客户端,则据说增强型PAKE(密码授权密钥交换)协议可以安全地抵御服务器妥协的模拟攻击。有两种增强的PAKE协议,第一个[12]是在IEEE通信快报中提出的,第二个[15]是提交给IEEE P1363.2标准工作组[9]的。在本文中,我们证明了这些两种增强的PAKE协议[12],[15](声称是安全的)实际上对服务器危害的模拟攻击是不安全的。更具体地说,我们提出了对这些增强的PAKE协议的通用服务器危害模拟攻击[12],[15]。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号