| Cryptanalysis and enhancement of authentication protocols (2006) | |||||||||||||
Abstract | |||||||||||||
| AN ABSTRACT THE DISSERTATION Minho Kim for the degree Doctor Philosophy Electrical and Computer Engineering presented August Title Cryptanalysis and Enhancement Authentication Protocols Abstract approved Cetin Kaya Authentication protocols play important roles network security variety authentication protocols ranging from complex public key cryptosystems simple password based authentication schemes have been proposed However currently there fully secure authentication scheme that can resist all known attacks When user authentication performed over insecure network additional problems arise due the fact that the communication may intercepted even altered attacker general one cannot assume that there secure channel between the client and the server this dissertation present specific cryptanalytic attacks existing protocols and show their vulnerabilities order design more secure protocols particular propose improved security schemes overcome certain security defects with registration login and password identifier change schemes also propose new authentications schemes which are more secure against guessing stolen verifier replay denial service and impersonation attacks than the existing protocols Copyright Minho Kim August All Rights Reserved Cryptanalysis and Enhancement Authentication Protocols Minho Kim DISSERTATION submitted Oregon State University partial fulfillment the requirements for the degree Doctor Philosophy Presented August Commencement June Doctor Philosophy disse. Authentication protocols play important roles in network security. A variety of authentication protocols ranging from complex public-key cryptosystems to simple password-based authentication schemes have been proposed. However, currently there is no fully secure authentication scheme that can resist all known attacks. When a user authentication is performed over an insecure network, additional problems arise due to the fact that the communication may be intercepted, or even altered, by an attacker. In general, one cannot assume that there is a secure channel between the client and the server. In this dissertation, we present specific cryptanalytic attacks on existing protocols and show their vulnerabilities in order to design more secure protocols. In particular, we propose improved security schemes to overcome certain security defects with registration, login, and password/identifier-change schemes. We also propose new authentications schemes which are more secure against guessing, stolen-verifier, replay, denial-of-service, and impersonation attacks than the existing protocols. | |||||||||||||
Publication details | |||||||||||||
| |||||||||||||
Cited publications (7) | |||||||||||||