Strong password-only authenticated key exchange
- 1 October 1996
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGCOMM Computer Communication Review
- Vol. 26 (5), 5-26
- https://doi.org/10.1145/242896.242897
Abstract
A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel using only a small password, without risk of offline dictionary attack. SPEKE and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are examined in light of both known and new attacks, along with sufficient preventive constraints. Although SPEKE and DH-EKE are similar, the constraints are different. The class of strong password-only methods is compared to other authentication schemes. Benefits, limitations, and tradeoffs between efficiency and security are discussed. These methods are important for several uses, including replacement of obsolete systems, and building hybrid two-factor systems where independent password-only and key-based methods can survive a single event of either key theft or password compromise.Keywords
This publication has 10 references indexed in Scilit:
- SPX: global authentication using public key certificatesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Refinement and extension of encrypted key exchangeACM SIGOPS Operating Systems Review, 1995
- Fortifying key negotiation schemes with poorly chosen passwordsElectronics Letters, 1994
- An attack on the Interlock Protocol when used for authenticationIEEE Transactions on Information Theory, 1994
- Protecting poorly chosen secrets from guessing attacksIEEE Journal on Selected Areas in Communications, 1993
- Augmented encrypted key exchangePublished by Association for Computing Machinery (ACM) ,1993
- Authentication and authenticated key exchangesDesigns, Codes and Cryptography, 1992
- The discrete logarithm problemProceedings of Symposia in Applied Mathematics, 1991
- Privacy and authentication: An introduction to cryptographyProceedings of the IEEE, 1979
- An improved algorithm for computing logarithms overGF(p)and its cryptographic significance (Corresp.)IEEE Transactions on Information Theory, 1978