Security Analysis on an Improvement of RSA-Based Password Authenticated Key Exchange(Fundamental Theories for Communications)
スポンサーリンク
概要
- 論文の詳細を見る
In 2002, Zhu et al. proposed a password authenticated key exchange protocol based on RSA such that it is efficient enough to be implemented on most of the target low-power devices such as smart cards and low-power Personal Digital Assistants in imbalanced wireless networks. Recently, YEH et al. claimed that Zhu et al.'s protocol not only is insecure against undetectable on-line password guessing attack but also does not achieve explicit key authentication. Thus they presented an improved version. Unfortunately, we find that YEH et al.'s password guessing attack does not come into existence, and that their improved protocol is vulnerable to off-line dictionary attacks. In this paper we describe our observation in details, and also comment for the original protocol on how to achieve explicit key authentication as well as resist against other existent attacks.
- 社団法人電子情報通信学会の論文
- 2005-04-01
著者
-
WANG Jie
School of Mathematical Sciences, Peking University
-
Bao Feng
Institute For Infocomm Research
-
Wang Shuhong
School Of Information Systems Singapore Management University
-
Wang Shuhong
School Of Mathematical Sciences Peking University:(present Address)school Of Information System
-
Wang Jie
School Of Mathematical Sciences Peking University
関連論文
- A More Efficient Improvement of the Virtual Software Token Protocols (Fundamental Theories for Communications)
- Security Notes on Generalization of Threshold Signature and Authenticated Encryption(Information Security)
- Reliable Broadcasting and Secure Distributing in Channel Networks(Special Section on Discrete Mathematics and Its Applications)
- Time-Bound Hierarchical Key Assignment : An Overview
- Security Analysis on an Improvement of RSA-Based Password Authenticated Key Exchange(Fundamental Theories for Communications)