Title | ||
---|---|---|
Prevention of Exponential Equivalence in Simple Password Exponential Key Exchange (SPEKE) |
Abstract | ||
---|---|---|
Simple Password Exponential Key Exchange (SPEKE) and Dragonfly are simple password-based authenticated key exchange protocols that use a value derived from a shared password as a generator for modular exponentiation, as opposed to Diffie-Hellman key exchange, which uses a fixed value. However, it has been shown that in SPEKE, an active attacker, can examine multiple passwords in a single attempt because the passwords have an exponential correlation. We show that Dragonfly can also suffer from the same problem, and we propose a simple countermeasure to prevent the exponential equivalence in SPEKE. |
Year | DOI | Venue |
---|---|---|
2015 | 10.3390/sym7031587 | SYMMETRY-BASEL |
Keywords | Field | DocType |
Exponential equivalence,password authentication,key exchange,SPEKE,Dragonfly | Combinatorics,Zero-knowledge password proof,Password strength,Key exchange,Authenticated Key Exchange,Theoretical computer science,Equivalence (measure theory),Password,SPEKE,Mathematics,Modular exponentiation,Distributed computing | Journal |
Volume | Issue | Citations |
7 | 3 | 1 |
PageRank | References | Authors |
0.37 | 4 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Hanwook Lee | 1 | 2 | 1.77 |
Dongho Won | 2 | 1262 | 154.14 |