Ma Limin,Zhu Yuesheng

2014-01-01

Abstract:As an important trust third-party authentication protocol, Kerberos is widely deployed to provide authentication service in distributed networks. However, it is vulnerable to some attacks such as password guessing attack and replay attack. PKINIT is an enhanced Kerberos protocol based on public key cryptography to resist these attacks. However, it requires excessive computation and communication resources. A new scheme based on one-time password (OTP) mechanism is proposed and implemented to improve the security and computation efficiency of Kerberos protocol in this paper. Experiment results demonstrate that the proposed scheme can enhance the security of Kerberos and reduce 32.3% time of initial authentication exchange and is easier to be deployed than PKINIT. © 2014 ISSN 1881-803X.

Zhao Hu,Yuesheng Zhu,Limin Ma

DOI: https://doi.org/10.1109/icon.2012.6506591

2012-01-01

Abstract:Kerberos is a widely-used network authentication protocol based on a trusted third-party. PKINIT, an enhanced Kerberos protocol which uses PKI mechanism, can prevent the password guessing attack, however, it introduces excessive amount of computational power. To enhance the security performance and computation efficiency of Kerberos, in this paper an improved Kerberos protocol based on Diffie-Hellman-DSA (DH-DSA) key exchange is proposed. Mutual authentication and key exchange between the client and Authentication Server (AS) can be simultaneously achieved with the proposed approach. Our experimental and analysis results have demonstrated that this new protocol can resist the password guessing attack and is more efficient and easily deployed than PKINIT.

YAO Lin,FAN Qingna,KONG Xiangwei

DOI: https://doi.org/10.3778/j.issn.1002-8331.2011.06.023

2011-01-01

Abstract:As a result of the high mobility of the pervasive computing,the principles communicating with each other usually locate at different domains.To secure the service access and communications,the principles should authenticate each other and establish a fresh session key.A novel inter-domain authentication and key establishment protocol is proposed.The proposed protocol reduces the burden of certificates management by adopting the biometric encryption.After inter-domain mutual authentication,the two principles build a new session key using the signcryption technique.The protocol can defend lots of attacks and its correctness is proven by the SVO logic.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Will Major,William J Buchanan,Jawad Ahmad

DOI: https://doi.org/10.48550/arXiv.2001.07897

2020-01-22

Cryptography and Security

Abstract:Port Knocking is a method for authenticating clients through a closed stance firewall, and authorising their requested actions, enabling severs to offer services to authenticated clients, without opening ports on the firewall. Advances in port knocking have resulted in an increase in complexity in design, preventing port knocking solutions from realising their potential. This paper proposes a novel port knocking solution, named Crucible, which is a secure method of authentication, with high usability and features of stealth, allowing servers and services to remain hidden and protected. Crucible is a stateless solution, only requiring the client memorise a command, the server's IP and a chosen password. The solution is forwarded as a method for protecting servers against attacks ranging from port scans, to zero-day exploitation. To act as a random oracle for both client and server, cryptographic hashes were generated through chaotic systems.

Hung-Min Sun,Her-Tyan Yeh

DOI: https://doi.org/10.1016/j.jcss.2006.03.005

IF: 1.043

2006-01-01

Journal of Computer and System Sciences

Abstract:In an open networking environment, a workstation usually needs to identify its legal users for providing its services. Kerberos provides an efficient approach whereby a trusted third-party authentication server is used to verify users' identities. However, Kerberos enforces the user to use strong cryptographic secret for user authentication, and hence is insecure from password guessing attacks if the user uses a weak password for convenience. In this paper, we focus on such an environment in which the users can use easy-to-remember passwords. In addition to password guessing attacks, perfect forward secrecy (PFS in short) is another important security consideration when designing an authentication and key distribution protocol. Based on the capability of protecting the client's password, the application server's secret key, and the authentication server's private key, we define seven classes of perfect forward secrecy and focus on protocols achieving class-1, class-3, and class-7 due to their hierarchical relations. Then, we propose three secure authentication and key distribution protocols to provide perfect forward secrecy of these three classes. All these protocols are efficient in protecting poorly-chosen passwords chosen by users from guessing attacks and replay attacks.

ZHU Chang-sheng,LIU Peng-hui,WANG Qing-rong,CAO Lai-cheng

DOI: https://doi.org/10.3724/sp.j.1087.2011.01862

2011-01-01

Journal of Computer Applications

Abstract:How to keep mutual anonymity between two entities is one of the critical issues for Trusted Computation(TC).According to the characteristics of TC,an efficient password-based authenticated key exchange scheme was proposed.Adopting threshold cryptography and fuzzy ID set,the scheme achieved mutual anonymity between user and server sharing ID set.On the premise of secure hashing,the analysis and the proving procedure based on the Random Oracle Model(ROM) show this scheme is secure against dictionary attack and resource-depletion DoS(Denial-of-Service) attack under the computational Diffie-Hellman intractability assumption.This scheme effectively preserves the user's privacy and server's privacy,and compared with other schemes such as VIET et al.'s scheme,it is more efficient.

Li Lu,Jinsong Han,Yunhao Liu,Lei Hu,Jinpeng Huai,Lionel M. Ni,Jian Ma

DOI: https://doi.org/10.1109/tpds.2008.15

IF: 5.3

2008-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Most of the current trust models in peer-to-peer (P2P) systems are identity based, which means that in order for one peer to trust another, it needs to know the other peer's identity. Hence, there exists an inherent tradeoff between trust and anonymity. To the best of our knowledge, there is currently no P2P protocol that provides complete mutual anonymity as well as authentication and trust management. We propose a zero-knowledge authentication scheme called Pseudo Trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function. A novel authentication scheme based on Zero-Knowledge Proof is designed so that peers can be authenticated without leaking any sensitive information. With the help of PT, most existing identity-based trust management schemes become applicable in mutual anonymous P2P systems. We analyze the security and the anonymity in PT, and evaluate its performance using trace-driven simulations and a prototype PT-enabled P2P network. The strengths of our design include 1) no need for a centralized trusted party or CA, 2) high scalability and security, 3) low traffic and cryptography processing overheads, and 4) man-in-middle attack resistance.

Liu-Jun Wang,Kai-Yi Zhang,Jia-Yong Wang,Jie Cheng,Yong-Hua Yang,Shi-Biao Tang,Di Yan,Yan-Lin Tang,Zhen Liu,Yu Yu,Qiang Zhang,Jian-Wei Pan

DOI: https://doi.org/10.1038/s41534-021-00400-7

IF: 10.758

2021-05-06

npj Quantum Information

Abstract:Abstract Quantum key distribution (QKD) can provide information theoretically secure key exchange even in the era of quantum computers. However, QKD requires the classical channel to be authenticated, the current method for which is pre-sharing symmetric keys. For a QKD network of n users, this method requires $${C}_{n}^{2}=n(n-1)/2$$ C n 2 = n ( n − 1 ) / 2 pairs of symmetric keys to realize pairwise interconnection. In contrast, with the help of a mature public key infrastructure (PKI) and post-quantum cryptography (PQC) with quantum-resistant security, each user only needs to apply for one digital certificate from a certificate authority (CA) to achieve efficient and secure authentication for QKD. We need to assume only the short-term security of the PQC algorithm to achieve long-term security of the distributed keys. Here, we experimentally verified the feasibility, efficiency, and stability of the PQC algorithm in QKD authentication, and demonstrated the advantages when new users join the QKD network. Using the PQC public-key infrastructure, the nodes need to mutually trust only the CA to authenticate each other. QKD combined with PQC authentication will greatly promote and extend the application prospects of quantum-safe communication.

physics, condensed matter, applied, atomic, molecular & chemical,quantum science & technology

Li Lu,Jinsong Han,Lei Hu,Jinpeng Huai,Yunhao Liu,Lionel M. Ni

DOI: https://doi.org/10.1109/ipdps.2007.370284

2007-01-01

Abstract:Most of the current trust models in peer-to-peer (P2P) systems are identity based, which means that in order for one peer to trust another, it needs to know the other peer's identity. Hence, there exists an inherent tradeoff between trust and anonymity. To the best of our knowledge, there is currently no P2P protocol that provides complete mutual anonymity as well as authentication and trust management. We propose a zero-knowledge authentication scheme called pseudo trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function. A novel authentication scheme based on zero-knowledge proof is designed so peers can be authenticated without leaking any sensitive information. With the help of PT, most existing identity-based trust management schemes become applicable in mutual anonymous P2P systems. We analyze the levels of security and anonymity in PT, and evaluate its performance using trace-driven simulations and a prototype implementation. The strengths of pseudo trust include the lack of need for a centralized trusted party or CA, high scalability and security, low traffic and cryptography processing overheads, and man-in-middle attack resistance. We aim for the pseudo trust design to be included in the P2P trust and anonymity context.

Her-tyan Yeh,Hung-min Sun,Tzonelih Hwang

DOI: https://doi.org/10.6688/jise.2003.19.6.6

2003-01-01

Journal of information science and engineering

Abstract:Three-party EKE was proposed to establish a session key between two clients through a server. However, three-party EKE is insecure against undetectable on-line and off-line password guessing attacks. In this paper, we first propose an enhanced three-party EKE to withstand the security risk in three-party EKE. We also propose a verifier-based three-party EKE that is more secure than a plaintext-equivalent mechanism in which a compromise of the server's database will not result in success in directly impersonating clients.

Travis Z. Suel

DOI: https://doi.org/10.48550/arXiv.1209.0967

2012-09-05

Abstract:Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of security. Creating passwords which are both secure (i.e., hard for attackers to guess) and easy for humans to remember is, at best, a paradoxical task because these two criteria are diametrically opposed. Fortunately, a far more secure and user-friendly alternative is available. Public-key cryptography provides a means of both identifying and authenticating users without the need for passwords. KeyAuth is a generic and universal implementation of public-key authentication aimed at supplanting password-based authentication and significantly improving the security of network accessible resources by enhancing the usability of frequently used authentication mechanisms. KeyAuth is an application-, language-, operating system-, and protocol-independent public-key authentication service.

Cryptography and Security,Human-Computer Interaction

Stavros Kassaras,Leandros Maglaras

DOI: https://doi.org/10.48550/arXiv.2006.09990

2020-06-18

Abstract:How someone can get health insurance without sharing his health information? How you can get a loan without disclosing your credit score? There is a method to certify certain attributes of various data, either this is health metrics or finance information, without revealing the data itself or any other kind of personal data. This method is known as zero-knowledge proofs. Zero-Knowledge techniques are mathematical methods used to verify things without sharing or revealing underlying data. Zero-Knowledge protocols have vast applications from simple identity schemes and blockchains to defense research programs and nuclear arms control

Cryptography and Security

Li Lu,Jinsong Han

2006-01-01

Abstract:Technical Report TR 2006-10 Abstract— Most of the current trust models in peer-to-peer (P2P) systems are identity based, which means that in order for one peer to trust another, it needs to know the other peer’s identity. Hence, there exists an inherent tradeoff between trust and anonymity. To the best of our knowledge, there is currently no P2P protocol that provides complete mutual anonymity as well as authentication and trust management. We propose a zero-knowledge authentication scheme called Pseudo Trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function. A novel authentication scheme based on Zero-Knowledge Proof is designed so peers can be authenticated without leaking any sensitive information. With the help of PT, most existing identity-based trust management schemes become applicable in mutual anonymous P2P systems. We analyze the levels of security and anonymity in PT, and evaluate its performance using trace-driven simulations. A prototype Pseudo Trust-enabled P2P network is running in our labs at CAS Beijing, Hong Kong UST, and other sites. The strengths of Pseudo Trust include the lack of need for a centralized trusted party or CA, high scalability and security, low traffic and cryptography processing overheads, and man-in-the-middle attack resistance. We aim for the Pseudo Trust design to be included in the P2P trust and anonymity context.

LIAN Huanhuan,HOU Huiying,ZHAO Yunlei

DOI: https://doi.org/10.11959/j.issn.1000−436x.2022062

2022-01-01

Abstract:In view of the fact that server stored the passwords directly in plaintext, there was a risk of server compromise, and two-party PAKE protocol was not suitable for large-scale communication systems, a three-party verifier-based password authenticated key exchange protocol from lattices was proposed.Hashing scheme and zero-knowledge password policy check were combined to realize the generation of verifier and the password checking.A novel verifier-based 3PAKE protocol was constructed by using CCA-secure public-key encryption from lattices, which realized mutual authentication.Security and performance analysis shows that the proposed protocol has better advantages in communication efficiency and security.

Chun-Li Lin,Hung-Min Sun,Tzonelih Hwang

DOI: https://doi.org/10.1145/506106.506108

2000-01-01

ACM SIGOPS Operating Systems Review

Abstract:Password-based mechanism is the widely used method for authentication since it allows people to choose their own passwords without any assistant device to generate or store. However, people are used to choose easy-to-remember passwords such that guessing attacks could succeed. In 1992, Bellovin and Merritt proposed Encrypted Key Exchange (EKE) protocols for preventing guessing attacks, in which two communication parties A and B securely share a possibly weak password in advance. In large communication environments, it is inconvenient in key management that every two communication parties mutually share a secret. Three-party EKE protocols, in which all parties (clients) share their secrets with a trusted server only, are more suitable for large communication environments. In 1995, Steiner, Tsudik and Waidner proposed a realization of three-party EKE protocol which is later demonstrated that it is vulnerable to undetectable on-line guessing attacks. In this paper, We will show a new off-line guessing attack on Steiner, Tsudik and Waidners' protocol. Besides, we will also propose a new three-party EKE protocol which not only is secure against both the off-line guessing attack and undetectable on-line guessing attacks but also satisfies the security properties of perfect forward secrecy and known-key security.

Khoa Nguyen,Benjamin Hong Meng Tan,Huaxiong Wang

DOI: https://doi.org/10.48550/arXiv.1802.05004

2018-02-14

Abstract:Passwords are ubiquitous and most commonly used to authenticate users when logging into online services. Using high entropy passwords is critical to prevent unauthorized access and password policies emerged to enforce this requirement on passwords. However, with current methods of password storage, poor practices and server breaches have leaked many passwords to the public. To protect one's sensitive information in case of such events, passwords should be hidden from servers. Verifier-based password authenticated key exchange, proposed by Bellovin and Merrit (IEEE S\&P, 1992), allows authenticated secure channels to be established with a hash of a password (verifier). Unfortunately, this restricts password policies as passwords cannot be checked from their verifier. To address this issue, Kiefer and Manulis (ESORICS 2014) proposed zero-knowledge password policy check (ZKPPC). A ZKPPC protocol allows users to prove in zero knowledge that a hash of the user's password satisfies the password policy required by the server. Unfortunately, their proposal is not quantum resistant with the use of discrete logarithm-based cryptographic tools and there are currently no other viable alternatives. In this work, we construct the first post-quantum ZKPPC using lattice-based tools. To this end, we introduce a new randomised password hashing scheme for ASCII-based passwords and design an accompanying zero-knowledge protocol for policy compliance. Interestingly, our proposal does not follow the framework established by Kiefer and Manulis and offers an alternate construction without homomorphic commitments. Although our protocol is not ready to be used in practice, we think it is an important first step towards a quantum-resistant privacy-preserving password-based authentication and key exchange system.

Cryptography and Security

Hu Xiong,Yanan Chen,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1016/j.ins.2013.02.004

IF: 8.1

2013-01-01

Information Sciences

Abstract:Three-party password-based authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key with the support from an authenticated server over an insecure channel. Several 3PAKE protocols, which do not require server public keys, have been proposed recently. In this paper, we use Chang et al.’s protocol as a case study and demonstrate that all of the 3PAKE protocols without server public keys are not secure against Key Compromise Impersonation (KCI) attack. A detailed analysis of flaw in these protocols has been conducted and we hope that by identifying this design flaw, similar structural mistakes can be avoided in future designs. Furthermore, we propose an improved protocol that remedies the weakness of these protocols and prove its security in a widely accepted model.

Mark Carney

2023-08-07

Abstract:This paper presents a new method for quantum identity authentication (QIA) protocols. The logic of classical zero-knowledge proofs (ZKPs) due to Schnorr is applied in quantum circuits and algorithms. This novel approach gives an exact way with which a prover $P$ can prove they know some secret by encapsulating it in a quantum state before sending to a verifier $V$ by means of a quantum channel - allowing for a ZKP wherein an eavesdropper or manipulation can be detected with a fail-safe design. This is achieved by moving away from the hardness of the Discrete Logarithm Problem towards the hardness of estimating quantum states. This paper presents a method with which this can be achieved and some bounds for the security of the protocol provided. With the anticipated advent of a `quantum internet', such protocols and ideas may soon have utility and execution in the real world.

Quantum Physics,Cryptography and Security

Shuhong Wang,Jie Wang,Maozhi Xu

DOI: https://doi.org/10.1007/978-3-540-24852-1_30

2004-01-01

Abstract:A password-authenticated key exchange scheme allows two entities, who only share a memorable password, to authenticate each other and to agree on a. cryptographic session key. Instead of considering it in the classic client and server scenarios, Byun et al. recently proposed a password-authenticated key exchange protocol in a cross-realm setting where two clients in different realms obtain a secret session key as well as mutual authentication, with the help of respective servers. In this paper, we first, point out that the proposed protocol is not secure, due to the choice of invalid parameters (say, subgroup generator). Furthermore, we show in detail that, even with properly chosen parameters, the protocol has still some secure flaws. We provide three attacks to illustrate the insecurity of the protocol. Finally, countermeasures are also given, which are believed able to withstand our attacks.