0% Complete
فارسی
Home
/
پانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش
Cryptanalysis of two password authenticated key exchange schemes
Authors :
Mohammad Ali Poorafsahi
1
Hamid Mala
2
1- دانشگاه اصفهان
2- دانشگاه اصفهان
Keywords :
Authentication،EKE،Key Exchange،LWE،PAKE،assword guessing attack
Abstract :
In the realm of password authenticated key exchange (PAKE) protocols, security and efficiency are of greatest importance. This article examines two modern PAKE schemes: the RLWE-SRP, a quantum-safe variant of the Secure Remote Password (SRP) protocol, and the ID-PAKE-PFS, an identity-based Password Authentication and Key Establishment scheme. Our analysis reveals specific vulnerabilities in both protocols: RLWE-SRP is susceptible to Denial of Service (DoS) attacks due to the lack of initial message validation, while ID-PAKE-PFS is vulnerable to password guessing attacks due to the inclusion of identities in ciphertexts. To address these vulnerabilities, we propose modifications for each of them: (1) For RLWE-SRP, we introduce a hash-based validation step in the authentication phase to verify the authenticity of initial messages. (2) For ID-PAKE-PFS, we suggest slight modification in how ciphertexts are calculated to prevent attackers from verifying password guesses. These modifications effectively strengthen both protocols against their respective vulnerabilities while maintaining their core functionalities in both classical and post-quantum environments.
Papers List
List of archived papers
Target-driven Navigation of a Mobile Robot using an End-to-end Deep Learning Approach
Mohammad Matin Hosni - Ali Kheiri - Esmaeil Najafi
A Hybrid Method to Reduce the Voltage Consumption in the Spiking Neural Networks
Shaghayegh Mehdizadeh saraj - Seyyed Amir Asghari - Mohammadreza Binesh Marvasti
یک روش کارآمد جهت تشخیص آنلاین حملات DRDoS به سرویس های مبتنی بر UDP درمعماری SDN با استفاده از الگوریتم های یادگیری ماشین
میترا اکبری کهنه شهری - دکتر رضا محمدی - دکتر محمد نصیری میترا اکبری کهنه شهری - رضا محمدی - محمد نصیری -
SPA Bot: Smart Price-Action Trading Bot for Cryptocurency Market
Dr Hamid Jazayeriy - Mohammad Daryani
Knowledge gap extraction based on the learner click behavior in interaction with videos using the association rule algorithm
Yosra Bahrani - Omid Fatemi
StockFM: پیش بینی قیمت بازار بورس ایران به کمک مدل بنیادین سری زمانی
فاطمه چیت ساز - سامان هراتی زاده
تشخیص بیماری شبکوری با استفاده از ترکیب الگوریتمهای یادگیری عمیق
میثم فتاحی
A clonal selection mechanism for load balancing in the cloud computing system
Melika Mosayyebi - Reza Azmi
An Eco-Friendly Cosmopolitan (EFC) by Recycling Scientific/Industrial Towns (RSITs)
Engineer Reza Khalilian - Dr. Abdalhossein Rezai - Dr. Mohammadreza Talakesh
Enhancing Mutation Testing through Grammar Fuzzing and Parse Tree-Driven Mutation Generation
Mohamad Khorsandi - Alireza Dastmalchi Saei - Mohammadreza Sharbaf
more
Samin Hamayesh - Version 41.3.1