Security Proof for Password Authentication in TLS-Verifier-based Three-Party Group Diffie-Hellman
The internet has grown greatly in the past decade, by some numbers exceeding 47 million active web sites and a total aggregate exceeding100 million web sites. What is common practice today on the Internet is that servers have public keys, but clients are largely authenticated via short passwords. Protecting these passwords by not storing them in the clear on institutions's servers has become a priority. This paper develops password-based ciphersuites for the Transport Layer Security (TLS) protocol that are: (1) resistant to server compromise; (2) provably secure; (3) believed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.
- Research Organization:
- Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)
- Sponsoring Organization:
- Computational Research Division
- DOE Contract Number:
- DE-AC02-05CH11231
- OSTI ID:
- 948495
- Report Number(s):
- LBNL-1443E; TRN: US200908%%35
- Country of Publication:
- United States
- Language:
- English
Similar Records
Provably Secure Password-based Authentication in TLS
Strong Password-Based Authentication in TLS Using the Three-PartyGroup Diffie-Hellman Protocol
A Security Solution for IEEE 802.11's Ad-hoc Mode:Password-Authentication and Group Diffie-Hellman Key Exchange
Conference
·
Tue Dec 20 00:00:00 EST 2005
·
OSTI ID:948495
+2 more
Strong Password-Based Authentication in TLS Using the Three-PartyGroup Diffie-Hellman Protocol
Journal Article
·
Sat Aug 26 00:00:00 EDT 2006
· International Journal of Security and Networks
·
OSTI ID:948495
+2 more
A Security Solution for IEEE 802.11's Ad-hoc Mode:Password-Authentication and Group Diffie-Hellman Key Exchange
Journal Article
·
Sat Oct 01 00:00:00 EDT 2005
· International Journal of Wireless and MobileComputing
·
OSTI ID:948495