Skip to Main Content

IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account | Sign In

Author Search^beta | Advanced Search | Preferences | | More Search Options

Browse Conference Publications > Research in Security and Priv ...

Encrypted key exchange: password-based protocols secure against dictionary attacks

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Username

Password

Purchase PDF
Other Formats

Formats	Non-Member	Member
PDF	$31	$13

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

Already Purchased? View Article
Subscription Options Learn More

2 Author(s)

Bellovin, S.M. ; AT&T Bell Lab., Murray Hill, NJ, USA ; Merritt, Michael

Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks

Published in:
Research in Security and Privacy, 1992. Proceedings., 1992 IEEE Computer Society Symposium on

Date of Conference: 4-6 May 1992

Page(s):: 72 - 84
Meeting Date :: 04 May 1992-06 May 1992
Print ISBN:: 0-8186-2825-1
INSPEC Accession Number:: 4319343

Conference Location :: Oakland, CA
Digital Object Identifier :: 10.1109/RISP.1992.213269
Product Type:: Conference Publications

Author(s)

Bellovin, S.M.
AT&T Bell Lab., Murray Hill, NJ, USA
Merritt, Michael

INSPEC: CONTROLLED INDEXING

authorisation

cryptography

data privacy

glossaries

message authentication

protocols

INSPEC: NON CONTROLLED INDEXING

authentication

cryptographic protocols

insecure network

offline dictionary attacks

password-based protocols

public-key cryptography

secret-key cryptography

user-chosen keys

IEEE TERMS

Authentication

Cryptographic protocols

Dictionaries

Protection

Public key

Public key cryptography

Random number generation

Security

Referenced Items are not available for this document.

No versions found for this document.

Standards Dictionary Terms are available to subscribers only.

| Create Account

IEEE Account

Purchase Details

Profile Information

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

IEEE Advancing Technology for Humanity

About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.