0% Complete
فارسی
Home
/
پانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش
Cryptanalysis of two password authenticated key exchange schemes
Authors :
Mohammad Ali Poorafsahi
1
Hamid Mala
2
1- دانشگاه اصفهان
2- دانشگاه اصفهان
Keywords :
Authentication،EKE،Key Exchange،LWE،PAKE،assword guessing attack
Abstract :
In the realm of password authenticated key exchange (PAKE) protocols, security and efficiency are of greatest importance. This article examines two modern PAKE schemes: the RLWE-SRP, a quantum-safe variant of the Secure Remote Password (SRP) protocol, and the ID-PAKE-PFS, an identity-based Password Authentication and Key Establishment scheme. Our analysis reveals specific vulnerabilities in both protocols: RLWE-SRP is susceptible to Denial of Service (DoS) attacks due to the lack of initial message validation, while ID-PAKE-PFS is vulnerable to password guessing attacks due to the inclusion of identities in ciphertexts. To address these vulnerabilities, we propose modifications for each of them: (1) For RLWE-SRP, we introduce a hash-based validation step in the authentication phase to verify the authenticity of initial messages. (2) For ID-PAKE-PFS, we suggest slight modification in how ciphertexts are calculated to prevent attackers from verifying password guesses. These modifications effectively strengthen both protocols against their respective vulnerabilities while maintaining their core functionalities in both classical and post-quantum environments.
Papers List
List of archived papers
پیشبینی میزان بقای بیماران مبتلا به سرطان ریه با استفاده از ترکیب کارآمد روشهای دادهکاوی و بهینهسازی رقابت استعماری
رخشان رمضانی سرچشمه - مهدی هاشمزاده - امین گلزاری اسکوئی
A Fuzzy Cluster-Based Routing Algorithm to Extend Wireless Sensor Network Lifetime
Mostafa Mirzaie - Armin Mazinani - Dr Sayyed Majid Mazinani
پیش بینی ارتباط میزان مرگ و میر با هم زمانی وجود دو بیماری در مبتلایان به کرونا به کمک بگارگیری شبکه عصبی Word2Vec
سمن مثقالی - دکتر جواد عسکری سمن مثقالی - جواد عسکری -
Knowledge Graph Based Retrieval-Augmented Generation for Multi-Hop Question Answering Enhancement
Mahdi Amiri Shavaki - Pouria Omrani - Ramin Toosi - Mohammad Ali Akhaee
SBST challenges from the perspective of the test techniques
Sepideh Kashefi Gargari - Dr Mohammad Reza Keyvanpour
Sparse Beamforming Design for Non-Coherent UD-CRAN with mm-Wave Fronthaul Links
Alireza M. Hosseini - Dr Abbas Mohammadi
BMPA- DSL: Binary Marine Predators Algorithm to Identify Driver's Different Levels of Stress
Mahtab Vaezi - Mehdi Nasri - Farhad Azimifar - Mahdi Mosleh
A Multi-Task Framework Using Mamba for Identity, Age, and Gender Classification from Hand Images
Amirabbas Rezasoltani - Alireza Hosseini - Ramin Toosi - MohammadAli Akhaee
تشخیص خودکار اختلال عروقی ماکولا با عنوان عروق گسترش یافته در تصاویر آنژیوگرافی حاصل از تصویربرداری OCTA
راضیه گنجی - دکتر محسن ابراهیمی مقدم - دکتر رامین نوری نیا
An efficient hybrid approach for performance-based alternative design evaluation in systems engineering
Abbas Chaman Para - Maryam Nooraei Abadeh - Sondos Bahadori
more
Samin Hamayesh - Version 42.5.2