Further observations on smart-card-based password-authenticated key agreement in distributed systems

Huang,X, Chen,X, Li,J, Xiang,Y and Xu,L 2014, Further observations on smart-card-based password-authenticated key agreement in distributed systems, IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 7, pp. 1767-1775, doi: 10.1109/TPDS.2013.230.

Attached Files
Name Description MIMEType Size Downloads

Title Further observations on smart-card-based password-authenticated key agreement in distributed systems
Author(s) Huang,X
Xiang,YORCID iD for Xiang,Y orcid.org/0000-0001-5252-0831
Journal name IEEE Transactions on Parallel and Distributed Systems
Volume number 25
Issue number 7
Start page 1767
End page 1775
Total pages 9
Publisher IEEE Computer Society
Place of publication Piscataway, N. J
Publication date 2014-07
ISSN 1045-9219
Keyword(s) Authentication
key exchange
offline-dictionary attack
online-dictionary attack
smart card
Science & Technology
Computer Science, Theory & Methods
Engineering, Electrical & Electronic
Computer Science
Summary This paper initiates the study of two specific security threats on smart-card-based password authentication in distributed systems. Smart-card-based password authentication is one of the most commonly used security mechanisms to determine the identity of a remote client, who must hold a valid smart card and the corresponding password to carry out a successful authentication with the server. The authentication is usually integrated with a key establishment protocol and yields smart-card-based password-authenticated key agreement. Using two recently proposed protocols as case studies, we demonstrate two new types of adversaries with smart card: 1) adversaries with pre-computed data stored in the smart card, and 2) adversaries with different data (with respect to different time slots) stored in the smart card. These threats, though realistic in distributed systems, have never been studied in the literature. In addition to point out the vulnerabilities, we propose the countermeasures to thwart the security threats and secure the protocols. © 2013 IEEE.
Language eng
DOI 10.1109/TPDS.2013.230
Field of Research 080503 Networking and Communications
Socio Economic Objective 890202 Application Tools and System Utilities
HERDC Research category C1 Refereed article in a scholarly journal
ERA Research output type C Journal article
Copyright notice ©2014, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30067737

Document type: Journal Article
Collections: School of Information Technology
2018 ERA Submission
Connect to link resolver
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 21 times in TR Web of Science
Scopus Citation Count Cited 27 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 274 Abstract Views, 12 File Downloads  -  Detailed Statistics
Created: Mon, 02 Feb 2015, 10:39:29 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.