Scribd
Upload
58 views3 pages

Lamport'S Hash (I)

1) Lamport's hash protocol allows a user to authenticate to a server using only a password by having the user and server compute hashes of the password incrementally over multiple authentications. 2) It uses a "salt" value to allow the same password to be used on multiple servers and retains the same password when the hash counter reaches 1. 3) Issues include the server not being authenticated to the user and vulnerability to guessing the password when the hash counter is low.

Uploaded by

Jyoti Bhatnagar
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
58 views3 pages

Lamport'S Hash (I)

1) Lamport's hash protocol allows a user to authenticate to a server using only a password by having the user and server compute hashes of the password incrementally over multiple authentications. 2) It uses a "salt" value to allow the same password to be used on multiple servers and retains the same password when the hash counter reaches 1. 3) Issues include the server not being authenticated to the user and vulnerability to guessing the password when the hash counter is low.

Uploaded by

Jyoti Bhatnagar
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

LAMPORTS HASH (I) STRONG PASSWORD PROTOCOLS

Lamports Hash, EKE, SPEKE, PDM Server B authenticates user A A has only a password and As workstation has no private key Secure against eavesdropping and attacks on Bs database

LAMPORTS HASH (II)


A chooses a password and a number n ( 1000) A computes hashn (password) For each user B stores - username (transmitted by A) - integer n decremented after each authentication n - hash (password)

LAMPORTS HASH (III)


A, password A A As workstation n
n-1

B (password)

x = hash
n

Initially B knows n and hash (password) On receipt of x, it hashes x and compares result to hash (password) n If equal, B replaces hash (password), n with x, n-1

LAMPORTS HASH (IV)


May enhance with salt A chooses salt and sends to B together with n and hash n (password salt) B sends (n, salt) to A on request Allows A to use same password on multiple servers Allows A to retain same password when n=1

LAMPORTs HASH - ISSUES


Unless salt is used reinstall password when n = 1 B is not authenticated by A Vulnerable to small n attack May employ without workstation software (i.e. user is provided with table of n hash (password) and n)

Encrypted Key Exchange (EKE)


Uses weak secret derived from password Protects against dictionary attack Multiple incorrect guesses should raise alarm
A

EKE (II)
share weak secret W = f (password) A, EW (g mod p) EW (gb mod p, C1) K = g mod p EK (C , C )
1 2 ab a

EK (C2 )

Simple Password Exponential Key Exchange (SPEKE)


Uses weak secret W in place of g in Diffie Hellman exchange in EKE Exchanges W mod p and W mod p Agreed key is K = W mod p
ab a b

Password Derived Moduli (PDM)


Modulus p = f (password) g=2 Agreed key K = 2 mod p
ab

Secure Remote Password (SRP)


A, ga mod p g + g
A
b W

SRP Details
A computes W from password B stores g W mod p and associates with A g and p are fixed for the system a and b are chosen by A, B respectively challenges c1 and c2 are chosen by A, B respectively B additionally chooses a 32-bit number u SRP is documented in RFC 2945 and is common in IETF protocols

mod p, u, c1
B

K = g b(a + uW) mod p E (c 1 ), c2 E (c2 )

You might also like