• Complex
  • Title
  • Keyword
  • Abstract
  • Scholars
  • Journal
  • ISSN
  • Conference
搜索

Author:

Liu, Fanbao (Liu, Fanbao.) | Chen, Yasha (Chen, Yasha.) | Dong, Yuan (Dong, Yuan.)

Indexed by:

EI Scopus

Abstract:

Hash-based challenge-and-response protocols are widely used as an authentication scheme in network applications. The authenticator sends a random string as a challenge to the peer, the peer generates a response with a hash function on a pre-shared password combined the received challenge. In this paper, we propose a general and efficient way to break some prevalent hash-based challenge- and-response protocols in use. These protocols are vulnerable to the chosen challenge attack launched by a malicious user, who impersonates the server. We first generate a rainbow table containing hash values of all possible passwords, which is produced by hashing a pre-chosen challenge concatenated with all possible password candidates. Second, we impersonate the authenticator and send the pre-chosen challenge to the peer. Finally, we look up in the rainbow table for the received response from the peer to crack the password. With this tactic, we can do the cost consuming pre-computation once, and then we can always use it to recover all of the peer's passwords with only one additional on-line query. © 2012 IEEE.

Keyword:

Authentication Hash functions

Author Community:

  • [ 1 ] [Liu, Fanbao]School of Computer, National University of Defense Technology, Changsha, 410073, Hunan, China
  • [ 2 ] [Liu, Fanbao]School of Computer, Beijing University of Technology, 100124, Beijing, China
  • [ 3 ] [Chen, Yasha]School of Computer, Beijing University of Technology, 100124, Beijing, China
  • [ 4 ] [Dong, Yuan]Naval Meteorology and Oceanography Center, 100000, Beijing, China

Reprint Author's Address:

Show more details

Related Keywords:

Source :

Year: 2012

Page: 59-62

Language: English

Cited Count:

WoS CC Cited Count: 0

SCOPUS Cited Count:

ESI Highly Cited Papers on the List: 0 Unfold All

WanFang Cited Count:

Chinese Cited Count:

30 Days PV: 5

Online/Total:880/10810169
Address:BJUT Library(100 Pingleyuan,Chaoyang District,Beijing 100124, China Post Code:100124) Contact Us:010-67392185
Copyright:BJUT Library Technical Support:Beijing Aegean Software Co., Ltd.