Analysing Password Protocol Security Against Off-line Dictionary Attacks

Ricardo Corin, Jeroen Doumen, Sandro Etalle

    Research output: Book/Report, Report, Professional


    Abstract

    We study the security of password protocols against off-line dictionary attacks. In addition to the standard adversary abilities, we also consider further cryptographic advantages given to the adversary when considering the password protocol being instantiated with particular encryption schemes. We work with the applied pi calculus of Abadi and Fournet, in which the (new) adversary abilities are modelled as equations between terms. As case studies, we analyse the Encrypted Password Transmission (EPT) protocol of Halevi and Krawczyk, and the well-known Encrypted Key Exchange (EKE) of Bellovin and Merritt. Finally, we propose a modification to EKE that prevents a particular attack that arises when ciphertexts are distinguishable from random noise.
    Original language: English
    Place of Publication: Enschede
    Publisher: Centre for Telematics and Information Technology (CTIT)
    Number of pages: 19
    Publication status: Published - Dec 2003

    Publication series

    Name: CTIT technical report series
    Publisher: University of Twente, CTIT
    No.: 2003-52
    ISSN (Print): 1381-3625

    Keywords

    • SCS-Cybersecurity

    Fingerprint

    • Analysing Password Protocol Security Against Off-line Dictionary Attacks

      Corin, R., Doumen, J. & Etalle, S., Jun 2004, Proceedings of the 2nd International Workshop on Security Issues with Petri Nets and other Computational Models (WISP 2004). Busi, N., Gorrieri, R. & Martinelli, F. (eds.). Amsterdam: Elsevier, p. 47-63, 17 p. (Electronic Notes in Theoretical Computer Science; vol. 121).

      Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, Academic, peer-review

      Open Access
      37 Citations (Scopus)
