| 题名 |
Cryptanalysis of the Secure Sessions from Weak Secrets Protocols |
| DOI |
10.6633/IJNS.200603.2(2).08 |
| 作者 |
Jolyon Clulow |
| 关键词 |
Cryptanalysis ; password ; security protocol |
| 期刊名称 |
International Journal of Network Security |
| 卷期/出版年月 |
2卷2期(2006 / 03 / 01) |
| 页次 |
138 - 140 |
| 内容语文 |
英文 |
| 英文摘要 |
The Short Secret Sharing Protocols (S3P), proposed by Roe et al in 1998 [13] and revised in 2003 [14], is a family of protocols that bootstrap secure session keys from weak secrets such as passwords. In this letter, we describe an attack against the RSA variants of the S3P protocols. The attacker can successfully masquerade as one of the participants, establish a new session, and gain knowledge of the session key. We present possible modifications to the protocol to prevent such an attack. |
| 主题分类 |
基礎與應用科學 >
資訊科學 |
