Referenced Items are not available for this document.
In this paper, security of ID documents (such as passports) is discussed. A class of cryptographic protocols called Password-Authenticated Key Exchange (PAKE) provides a more robust solution to this problem. PAKE protocols ensure that an eavesdropper can't learn any information on the low-entropy secret. They're also required to be as secure as possible against all passive and active attacks. Basically, all an adversary can do to learn the password is an online dictionary attack (guess the password and try to execute the protocol with one of the parties). We can prevent this through latency, smart card blocking, and so on. For implementing PAKE protocols, especially in constrained environments such as e-passports, elliptic-curve cryptography is fast and requires little memory. However, it involves representing numeric values (in this case, passwords) as points on an elliptic curve, and how to do this efficiently and se curely isn't obvious.
Published in:
Security & Privacy, IEEE
(Volume:9
,
Issue:
2
)
Date of Publication: March-April 2011
- Page(s):
- 75 - 78
- ISSN :
- 1540-7993
- INSPEC Accession Number:
- 11903421
- Digital Object Identifier :
- 10.1109/MSP.2011.37
- Product Type:
- Journals & Magazines
- Date of Current Version :
- 28 March 2011
- Issue Date :
- March-April 2011
- Sponsored by :
- IEEE Computer Society
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
