0% Complete
English
صفحه اصلی
/
پانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش
Cryptanalysis of two password authenticated key exchange schemes
نویسندگان :
Mohammad Ali Poorafsahi
1
Hamid Mala
2
1- دانشگاه اصفهان
2- دانشگاه اصفهان
کلمات کلیدی :
Authentication،EKE،Key Exchange،LWE،PAKE،assword guessing attack
چکیده :
In the realm of password authenticated key exchange (PAKE) protocols, security and efficiency are of greatest importance. This article examines two modern PAKE schemes: the RLWE-SRP, a quantum-safe variant of the Secure Remote Password (SRP) protocol, and the ID-PAKE-PFS, an identity-based Password Authentication and Key Establishment scheme. Our analysis reveals specific vulnerabilities in both protocols: RLWE-SRP is susceptible to Denial of Service (DoS) attacks due to the lack of initial message validation, while ID-PAKE-PFS is vulnerable to password guessing attacks due to the inclusion of identities in ciphertexts. To address these vulnerabilities, we propose modifications for each of them: (1) For RLWE-SRP, we introduce a hash-based validation step in the authentication phase to verify the authenticity of initial messages. (2) For ID-PAKE-PFS, we suggest slight modification in how ciphertexts are calculated to prevent attackers from verifying password guesses. These modifications effectively strengthen both protocols against their respective vulnerabilities while maintaining their core functionalities in both classical and post-quantum environments.
لیست مقالات
لیست مقالات بایگانی شده
IT-based and Non-IT-based methods to separate and collect waste
Hoda Harati - Farzad Haghighi-Rad - Reza Yousefi Zenouz
Electrophysiological Modeling and Interactive Approaches of Electrical Circuits and Hypergraphs for Understanding Neural Circuit Dynamics
Arian Baymani - Maryam Naderi Soorki
پیش بینی ارتباط میزان مرگ و میر با هم زمانی وجود دو بیماری در مبتلایان به کرونا به کمک بگارگیری شبکه عصبی Word2Vec
سمن مثقالی - دکتر جواد عسکری سمن مثقالی - جواد عسکری -
A Neural-based Approach to Aid Early Parkinson's Disease Diagnosis
Dr Armin Salimi-badr - Mohammad Hashemi
Investigating the impact of management information systems (MIS) on organizational transparency with an emphasis on work ethics
Sadegh Balouch - Omid mehdi Ebadati
Integration of Electric Vehicles in Smart Grid using Deep Reinforcement Learning
Farkhondeh Kiaee
Web Service Ranking based on QoS and Use Prefer
Seyed Hossein Siadat - Danial Ramezani - Fatemeh Ahani
Ensemble Model Based on an Improved Convolutional Neural Network with a Domain-agnostic Data Augmentation Technique
Faraz Fatahnaie - Armin Azhdehnia - Seyyed Amir Asghari - Mohammadreza Binesh Marvasti
An integrated approach for estimating software cost estimation using Adaptive Neuro-Fuzzy Inference System and the Grey Wolf Optimization algorithm
Maryam Karimi - Taghi Javdani Gandomani - Mahdi Mosleh
A Novel Service Deployment Policy in Fog Computing Considering The Degree of Availability and Fog Landscape Utilization Using Multiobjective Evolutionary Algorithms
Maryam Eslami - Dr Mehdi Sakhaei-nia
بیشتر
ثمین همایش، سامانه مدیریت کنفرانس ها و جشنواره ها - نگارش 42.0.3