7,061 Hits in 4.5 sec

Securing passwords against dictionary attacks

Benny Pinkas, Tomas Sander
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
The use of passwords is a major point of vulnerability in computer security, as passwords are often easy to guess by automated programs running dictionary attacks.  ...  dictionary attacks.  ...  However the protocol is flawed as it provides little security against a global password attack.  ... 
doi:10.1145/586131.586133 fatcat:4ir6bov65jgexgfljmo2cqumbq

Securing passwords against dictionary attacks

Benny Pinkas, Tomas Sander
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
The use of passwords is a major point of vulnerability in computer security, as passwords are often easy to guess by automated programs running dictionary attacks.  ...  dictionary attacks.  ...  However the protocol is flawed as it provides little security against a global password attack.  ... 
doi:10.1145/586110.586133 dblp:conf/ccs/PinkasS02 fatcat:7huynfyzrjewpki2ye3x2lxa7q

Analysing Password Protocol Security Against Off-line Dictionary Attacks

Ricardo Corin, Jeroen Doumen, Sandro Etalle
2005 Electronical Notes in Theoretical Computer Science  
We study the security of password protocols against off-line dictionary attacks.  ...  In the latter, we find an attack that arises when considering the ability of distinguishing ciphertexts from random noise. We propose a modification to EKE that prevents this attack.  ...  against dictionary attacks.  ... 
doi:10.1016/j.entcs.2004.10.007 fatcat:34ltqa6ezjc7dbi7sohsr477nm

Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks

Junghyun Nam, Kim-Kwang Raymond Choo, Juryon Paik, Dongho Won
2014 The Scientific World Journal  
against insider dictionary attacks.  ...  PAKE protocols against dictionary attacks.  ...  Password Security Capturing Offline Dictionary Attacks. The SK security described in Definition 12 implies security against offline dictionary attacks.  ... 
doi:10.1155/2014/802359 pmid:25309956 pmcid:PMC4189515 fatcat:olcrli45xnhj7jquao3eeqfonm

Provably Secure Gateway Threshold Password-Based Authenticated Key Exchange Secure against Undetectable On-Line Dictionary Attack

Yukou KOBAYASHI, Naoto YANAI, Kazuki YONEYAMA, Takashi NISHIDE, Goichiro HANAOKA, Kwangjo KIM, Eiji OKAMOTO
2017 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
Password Protection Security For the security of passwords, an adversary can ask the Test-Password oracle once against a fresh password.  ...  A.2 Attack against Password Protection Security We describe the following method for an adversary acting as a malicious gateway to guess the password of a target user by a combination of the on-line and  ...  His research interests are cryptography and information security. He is members of IEEE and ACM.  ... 
doi:10.1587/transfun.e100.a.2991 fatcat:5yzdzopgfjgmbao3bzvgfenzue

Efficient Password-Authenticated Key Exchange for Three-Party Secure Against Undetectable On-Line Dictionary Attacks [chapter]

Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee
2006 Lecture Notes in Computer Science  
The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security.  ...  In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle  ...  We can modify 3PAKE2 to secure against undetectable on-line dictionary attacks but to insecure against detectable on-line dictionary attacks.  ... 
doi:10.1007/11758501_152 fatcat:nb4cva725nglbiydasefye645u

Encrypted key exchange: password-based protocols secure against dictionary attacks

S.M. Bellovin, M. Merritt
Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy  
doi:10.1109/risp.1992.213269 dblp:conf/sp/BellovinM92 fatcat:iksswbwlujeefl6sjbkzwopiua

A Theoretical Framework for Password Security against Offline Guessability Attacks

Shah Zaman Nizamani, Syed Raheel Hassan, Rafia Naz
2017 Indian Journal of Science and Technology  
Method: In this paper, a theoretical framework is developed which provides guidelines for improving password security against offline guessability attacks such as brute force and dictionary attacks.  ...  Objectives: Security of textual passwords is increased against offline guessability attacks by using different encryption methods.  ...  Password encryption is used for improving the security of passwords against brute force and dictionary attacks.  ... 
doi:10.17485/ijst/2017/v10i33/115252 fatcat:nghlj5ddd5ahpjqanpqgz3kuja

Cryptanalysis and Improvement of a Password-Based Authenticated Three-Party Key Exchange Protocol

Youngsook Lee
2014 International Journal of Security and Its Applications  
Protocols for password-based authenticated key exchange (PAKE) in the three-party setting must be designed to be secure against dictionary attacks even in the presence of a malicious insider.  ...  We propose an improved three-party PAKE protocol which is resistant to all classes of dictionary attacks, including insider offline dictionary attacks and undetectable online dictionary attacks.  ...  Although Kim and Choi's protocol may be secure against undetectable online dictionary attacks, we found that it is not secure against an offline dictionary attack in the presence of a malicious client.  ... 
doi:10.14257/ijsia.2014.8.4.14 fatcat:h3irumicpjbbbmtzisahu5sla4

Cryptanalysis of an efficient password authentication scheme

Chiu-Shu Pan, Cheng-Yi Tsai, Shyh-Chang Tsaur, Min-Shiang Hwang
2016 2016 3rd International Conference on Systems and Informatics (ICSAI)  
In the previous method is week against dictionary attack. Our method provide single sign like previous method and also against for on/off-line dictionary attack.  ...  This paper contain secure-password authentication involve third party. The previous methods focus on two party authentications who share the password.  ...  Our secure password he cannot decrypt the current session and past session. authentication protocols: (1)are secure against on/off-line When a password file at the TIS is compromised, an dictionary attacks  ... 
doi:10.1109/icsai.2016.7811051 dblp:conf/icsai/PanTTH16 fatcat:vv67bqza4zgalj5dn4e5dodr3u

An Idea to Increase the Security of EAP-MD5 Protocol Against Dictionary Attack [article]

Behrooz Khadem, Siavosh Abedi, Isa Sa-adatyar
2018 arXiv   pre-print
Then, based on observed weaknesses, by proposing an appropriate idea while maintaining the speed of execution, its security against dictionary attack is improved.  ...  Moreover, in order to improve EAP-MD5 security, a series of attacks against it have been investigated.  ...  In section 3, some dictionary attacks against this protocol are described. Then, in section 4, an idea is proposed to improve EAP-MD5 security against the dictionary attack.  ... 
arXiv:1812.01533v1 fatcat:ydzozwdr3feolnshdxtqbp3tyi

Design of Password Guessing Prevention Protocol for Levelled-Security System

2018 Helix  
The proposed system allows the user to choose a password which is not present in the dictionary. Also, all possible alterations of passwords are matched against the supplied dictionary.  ...  In a dictionary attack, the hacker uses dictionary file containing possible passwords and tries every password from that file.  ...  Password entered by the user is checked against the following constraints to mitigate the possibility of password cracking during dictionary attack. a.  ... 
doi:10.29042/2018-3787-3791 fatcat:jcpgyxawxffllgb65z4f3qga5a

Literature Survey on Data Security using Carp Two Step Authentication based on Human and Hard AI Problems
IJARCCE - Computer and Communication Engineering

R.G. Vetrivel, J.Vasanth Kishore, B. Arun Kumar, S. Thivaharan
2015 IJARCCE  
This type of password is easy to guess through different attack i.e. dictionary attack and brute force attack.  ...  Here the password is created from images and text password. The Current system is based on only text password but it has some disadvantages like small password mostly used and easy to remember.  ...  It provides protection against online dictionary attacks on password. For login every time click on images and type password.  ... 
doi:10.17148/ijarcce.2015.4318 fatcat:ijwtx6syirh5der7r6kyql4wny

Dictionary Attacks against Password-Based Authenticated Three-Party Key Exchange Protocols

2013 KSII Transactions on Internet and Information Systems  
's (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in  ...  We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks  ...  The difficulty of designing PAKE protocols secure against dictionary attacks is increased in the three-party setting.  ... 
doi:10.3837/tiis.2013.12.016 fatcat:eusfohebu5evbnedo2lchhaiji

NAVI: Novel authentication with visual information

Emmanouil Georgakakis, Nikos Komninos, Christos Douligeris
2012 2012 IEEE Symposium on Computers and Communications (ISCC)  
Finally, we discuss NAVI's security features and compare it with existing graphical password schemes as well as text-based passwords in terms of key security features, such as password keyspace, dictionary  ...  attacks and guessing attacks.  ...  The following criteria will be used in order to examine and evaluate the proposed solution against text passwords and other graphical password schemes. • Security o Brute force attacks o Dictionary attacks  ... 
doi:10.1109/iscc.2012.6249360 dblp:conf/iscc/GeorgakakisKD12 fatcat:r4fpi2srj5bldp44wrzb5uboda
« Previous Showing results 1 — 15 out of 7,061 results