Undetectable on-line password guessing attacks - Citegraph

Paper Info

Title
Undetectable on-line password guessing attacks

Abstract
Several 3-party-based authentication protocols have been proposed, which are resistant to off-line password guessing attacks. We show that they are not resistant to a new type of attack called "undetectable on-line password guessing attack". The authentication server is not able to notice this kind of attack from the clients' (attacker's) requests, because they don't include enough information about the clients (or attacker). Either freshness or authenticity of these requests is not guaranteed. Thus the authentication server responses and leaks verifiable information for an attacker to verify his guess.

Year	DOI	Venue
1995	10.1145/219282.219298	Operating Systems Review
Keywords	Field	DocType
undetectable on-line password,enough information,off-line password,new type,3-party-based authentication protocol,leaks verifiable information,authentication server,authentication server response,authentication protocol	Password cracking,Password strength,Challenge–response authentication,Computer science,Computer security,Key stretching,S/KEY,One-time password,Password,Cognitive password	Journal
Volume	Issue	Citations
29	4	132
PageRank	References	Authors
6.78	6	2

Search Limit

100132

Authors (2 rows)

Cited by (100 rows)

References (6 rows)

Name	Order	Citations	PageRank
Yun Ding	1	132	6.78
Patrick Horster	2	371	51.55

1