Password-based challenge-response

Password-based challenge-response
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Networking Firewalls    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Password-based challenge-response popboyz69 12-26-2006
Posted by on December 26, 2006, 7:34 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello all,

I have this question, hope to get some guidance...

Fora simple password-based challenge-response protocol between a user A
and a server S, where Pa is A's password, n is a random nonce generated
by the server, and h is a known cryptographic hash function.

1. S -> A: E(Pa,n)
2. A -> S: E(Pa,h(n))

How to show that this protocol is vulnerable to an off-line password
guessing attack? and how would the attack take place ?. Under which
circumstances would the vulnerability not be a problem?

any references and views are appreciated-----
thanks again....!merry christmas !!!



The site map in XML format XML site map

Contact Us | Privacy Policy