15th International Conference on Information and Knowledge Technology
Cryptanalysis of two password authenticated key exchange schemes
Authors:
Mohammad Ali Poorafsahi (1), Hamid Mala (2)
1- University of Isfahan
2- University of Isfahan
Keywords:
Authentication, EKE, Key Exchange, LWE, PAKE, Password guessing attack
Abstract:
In the realm of password authenticated key exchange (PAKE) protocols, security and efficiency are of the greatest importance. This article examines two modern PAKE schemes: RLWE-SRP, a quantum-safe variant of the Secure Remote Password (SRP) protocol, and ID-PAKE-PFS, an identity-based Password Authentication and Key Establishment scheme. Our analysis reveals specific vulnerabilities in both protocols: RLWE-SRP is susceptible to Denial of Service (DoS) attacks due to the lack of initial message validation, while ID-PAKE-PFS is vulnerable to password guessing attacks due to the inclusion of identities in ciphertexts. To address these vulnerabilities, we propose a modification for each protocol: (1) For RLWE-SRP, we introduce a hash-based validation step in the authentication phase to verify the authenticity of initial messages. (2) For ID-PAKE-PFS, we suggest a slight modification in how ciphertexts are calculated to prevent attackers from verifying password guesses. These modifications effectively strengthen both protocols against their respective vulnerabilities while maintaining their core functionalities in both classical and post-quantum environments.