Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students

Dual-workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks

Barry Jaspan


Password-based key-server protocols are susceptible to password chaining attacks, in which an enemy uses knowledge of a user's current password to learn all future passwords. As a result, the exposure of a single password effectively compromises all future communications by that user. The same protocols also tend to be vulnerable to dictionary attacks against user passwords.

Bellovin and Merrit[BelMer92] presented a hybrid of symmetric- and public-key cryptography called Encrypted Key Exchange (EKE) that cleanly solves the dictionary attack problem. This paper presents an extension of their ideas called /dual-workfactor encrypted key exchange/ that preserves EKE's strength against dictionary attacks but also efficiently prevents passive password-chaining attacks.

View the full text of this paper in ASCII (38,001 Bytes) and POSTSCRIPT (409,925 Bytes) form.

To Become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 1 May 2002 aw
Conference Index