Skip to main content
SpringerLink
Log in
Book cover

International Conference on Computational Science and Its Applications

ICCSA 2004: Computational Science and Its Applications – ICCSA 2004 pp 698–707Cite as

User Authentication Protocol Based on Human Memorable Password and Using RSA

  • Conference paper

  • 925 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3046))

Abstract

Until now, authentication protocol using the suggested password is not safe from off-line dictionary attack or password file compromise. On this paper, we define scheme password based authentication protocol (PAP) authentication protocol using password. PAP features managing one value choosing optionally of expressing password of many values. It presents PAP based authentication protocol, PAPRSA using RSA to manage values expressing password. PAPRSA is safe from attack involving off-line dictionary attack, password file compromise and excellent in efficient ways involving pass number, calculation amount.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Pointcheaval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  2. Bellovin, S.M., Merrit, M.: Augmented encrypted key exchange: Password-based protocol secure against dictionary attack and password file compromise. In: ACM Security (CCS 1993), pp. 244–250 (1993)

    Google Scholar 

  3. Bellovin, S.M., Merrit, M.: Encrypted key exchange: Password-based protocols secure against dictionary attack. In: Proceedings of IEEE Security and Privacy, pp. 72–84 (1992)

    Google Scholar 

  4. Boyko, V., MacKenzie, P., Patal, S.: Provably secure password authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Diffie, W., Hellman, H.E.: New directions in cryptography. IEEE Transactions on Information Theory 22, 644–654 (1976)

    Article  MATH  MathSciNet  Google Scholar 

  6. ElGamal, T.: A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory IT-31(4), 469–472 (1985)

    Article  MathSciNet  Google Scholar 

  7. Feige, U., Fiat, A., Shamir, A.: Zero knowledge proof of identity. Journal of Cryptology 1, 77–94 (1983)

    Article  MathSciNet  Google Scholar 

  8. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Google Scholar 

  9. Gong, L.: Optimal authentication protocols resistant to password guessing attacks. In: 8th IEEE Computer Security Foundations Workshop, pp. 24–29 (1995)

    Google Scholar 

  10. Gong, L., Lomas, T.M.A., Needham, R.M., Saltzer, J.H.: Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications 11(5), 648–656 (1993)

    Article  Google Scholar 

  11. Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol to security microprocessor minimizing both transmission and memory. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123–128. Springer, Heidelberg (1988)

    Google Scholar 

  12. Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. In: ACM Security (CCS 1998), pp. 122–131 (1998)

    Google Scholar 

  13. ISO/IEC 9798-2, Information technology-Security techniques-Entity authentication-Part 2: Mechanisms using symmetric encipherment algorithms, International Organization for Standardization, Geneva, Switzerland (1994)

    Google Scholar 

  14. ISO/IEC 9798-4, Information technology-Security techniques-Entity authentication-Part 4: Mechanisms using a cryptographic check function, International Organization for Standardization, Geneva, Switzerland (1995)

    Google Scholar 

  15. Jablon, D.: Strong password-only authenticated key exchange. ACM Computer Communication Review, ACM SIGCOMM 26(5), 5–20 (1996)

    Article  Google Scholar 

  16. Koblitz, N.: Eliptic curve cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  17. Lamport, L.: Password authentication with insecure communication. Communications of the ACM 24, 770–772 (1981)

    Article  Google Scholar 

  18. McEliece, R.J.: A public key cryptosystem based on algebraic coding theory. Deep Space Network Progress Report 42-44, Jet Propulsion Laboratory, California Institute of Technology, pp. 42-44 (1978)

    Google Scholar 

  19. Menezes, J., van Oorschot, P.C., Vanstone, S.A.: Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  20. Merkle, R.C.: Secrecy, Authentication, and Public Key Systems. UMI Research Press, Ann Arbor (1979)

    Google Scholar 

  21. Morris, R., Thompson, K.: Password security: a case history. Communications of the ACM 22, 594–597 (1979)

    Article  Google Scholar 

  22. Mitchell, C.J., Chen, L.: Comment on the S/KEY user authentication scheme,(ASPect)

    Google Scholar 

  23. Kwon, T.: Authentication and key agreement via memorable password (2000), available from http://eprint.iacr.org/2000/026

Download references

Author information

Authors and Affiliations

  1. Dept. of Information Security, Mokpo National University, Muan-gun Jeonnam, KOREA

    IkSu Park & ByeongKyun Oh

  2. Dept. of Computer Science, Chodang University, Muan-gun Jeonnam, KOREA

    SeungBae Park

Authors
  1. IkSu Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. SeungBae Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. ByeongKyun Oh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, I-06123, Perugia, Italy

    Antonio Laganá

  2. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  5. OptimaNumerics Ltd., Cathedral House, 23-31 Waring Street, BT1 2DX, Belfast, UK

    C. J. Kenneth Tan

  6. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Park, I., Park, S., Oh, B. (2004). User Authentication Protocol Based on Human Memorable Password and Using RSA. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3046. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24768-5_75

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24768-5_75

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22060-2

  • Online ISBN: 978-3-540-24768-5

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation