0% Complete
فارسی
Home
/
پانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش
Cryptanalysis of two password authenticated key exchange schemes
Authors :
Mohammad Ali Poorafsahi
1
Hamid Mala
2
1- دانشگاه اصفهان
2- دانشگاه اصفهان
Keywords :
Authentication،EKE،Key Exchange،LWE،PAKE،assword guessing attack
Abstract :
In the realm of password authenticated key exchange (PAKE) protocols, security and efficiency are of greatest importance. This article examines two modern PAKE schemes: the RLWE-SRP, a quantum-safe variant of the Secure Remote Password (SRP) protocol, and the ID-PAKE-PFS, an identity-based Password Authentication and Key Establishment scheme. Our analysis reveals specific vulnerabilities in both protocols: RLWE-SRP is susceptible to Denial of Service (DoS) attacks due to the lack of initial message validation, while ID-PAKE-PFS is vulnerable to password guessing attacks due to the inclusion of identities in ciphertexts. To address these vulnerabilities, we propose modifications for each of them: (1) For RLWE-SRP, we introduce a hash-based validation step in the authentication phase to verify the authenticity of initial messages. (2) For ID-PAKE-PFS, we suggest slight modification in how ciphertexts are calculated to prevent attackers from verifying password guesses. These modifications effectively strengthen both protocols against their respective vulnerabilities while maintaining their core functionalities in both classical and post-quantum environments.
Papers List
List of archived papers
A Multi Objective & Trust-Based Workflow Scheduling Method In Cloud Computing Based On The MVO Algorithm
Fatemeh Ebadifard
بررسی روشها، مجموعههای داده و معیارهای ارزیابی در حوزهی پرسش از متون درون تصویر
کبری فرشیدی - حسن ختنلو - محرم منصوری زاده - الهام علی قارداش
بررسی روش m-ary در تولید زنجیرههای افزونه کوتاه
هادی صادقی کاجی - دکتر زهرا کریمی - دکتر محمد غلامی
Knowledge Distillation through a Knowledge Representation Approach (Knowledge Engineering)
Mohammad Hadi Safari Nader
Inner and Outer Bearing Fault Diagnosis of electrical Motors Using a Proposed Algorithm and Vibration Signals
Vahid Safari Dehnavi - Masoud Shafiee
Improving Privacy Protection in a Collaborative Blockchain-based E-Health Records System
Arman Emam-Hoseini - Samane Sobuti - دکتر سیاوش خرسندی - Alireza Hashemi-Golpayeghani
Recommendation Systems in Smart Agriculture: Pathway to a well-designed system
Ahmad Nameni - Amir Ghafarian Daneshmand - Omid Mahdi Ebadati E
Short-Term Traffic Flow Prediction Based on a Recurrent Deep Neural Networks: Study in Tehran
Dr Monireh عبدوس - Taha Vajed Samei
بررسی امنیت وفقی در اینترنت وسایل نقلیه
سیده یگانه غیور باغبانی - دکتر سعید جلیلی سیده یگانه غیور باغبانی - سعید جلیلی -
Enhancing Mutation Testing through Grammar Fuzzing and Parse Tree-Driven Mutation Generation
Mohamad Khorsandi - Alireza Dastmalchi Saei - Mohammadreza Sharbaf
more
Samin Hamayesh - Version 44.2.0