Abstract: In a security system that allows people to choose their own passwords, those people tend to choose passwords that can be easily guessed. This weakness exists in practically all widely used systems. Instead of forcing users to choose well-chosen secrets, which are likely to be difficult to remember, we propose solutions that maintain both user convenience and a high level of security at the same time. The basic idea is to ensure that data available to the attacker is sufficiently unpredictable...
Cited by:
Spelling-Error Tolerant, Order-Independent.. - Damerau-Levenshtein..
Security Weakness in a Three-Party Password-Based Key Exchange .. - Nam, Kim, Won (2005)
A Protocol for Secure Public Instant Messaging - Mannan, van Oorschot (2006)
Active bibliography (related documents):
0.5: A Note on Redundancy in Encrypted Messages - Li Gong (1990)
0.4: A Method for Examining Cryptographic Protocols - Tjaden (1997)
0.3: Security for a High Performance Commodity Storage Subsystem - Gobioff (1999)
Similar documents based on text:
0.8: Analysing Protocols Subject to Guessing Attacks - Lowe (2001)
0.6: Preventing Guessing Attacks Using Fingerprint - Alves-Foss
0.5: Some Remarks on Protecting Weak Keys and Poorly-Chosen.. - Tsudik, Van Herreweghen (1993)
Related documents from co-citation:
61: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attac..
- Bellovin, Merritt - 1992
43: Strong password-only authenticated key exchange
- Jablon - 1996
32: Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Ke..
- Lucks - 1997
BibTeX entry:
L.Gong, M.Lomas, R.Needham, J.Saltzer, "Protecting Poorly Chosen Secrets from Guessing Attacks", IEEE Journal on Selected Areas in Communications, Vol. 11, No. 5, (1993), pp. 648--656. http://citeseer.ist.psu.edu/article/gong93protecting.html
@article{ gong93protecting,
author = "L. Gong and M. A. Lomas and R. M. Needham and J. H. Saltzer",
title = "Protecting Poorly Chosen Secrets from Guessing Attacks",
journal = "{IEEE} Journal on Selected Areas in Communications",
volume = "11",
number = "5",
pages = "648--656",
year = "1993",
url = "citeseer.ist.psu.edu/article/gong93protecting.html" }
Citations (may not include all citations):
1529: A Method for Obtaining Digital Signatures and Public-Key Cry.. - Rivest, Shamir et al. - 1978
1450: The Design and Analysis of Computer Algorithms - Aho, Hopcroft et al. - 1974
635: New Directions in Cryptography - Diffie, Hellman - 1976
450: Using Encryption for Authentication in Large Networks of Com.. - Needham, Schroeder - 1978
317: Kerberos: An Authentication Service for Open Network Systems - Steiner, Neuman et al. - 1988
227: Privacy Enhancement for Internet Electronic Mail: Part I -- .. - Linn - 1989
202: Data Encryption Standard - Bureau, Standards - 1977
194: The Protection of Information in Computer Systems - Saltzer, Schroeder - 1975
150: Encrypted Key Exchange: Password-Based Protocols Secure Agai.. - Bellovin, Merritt - 1992
78: New York - Kahn, Codebreakers - 1967
61: Password Security: A Case History - Morris, Thompson - 1979
61: Kerberos Authentication and Authorization System - Miller, Neuman et al. - 1988
44: Reducing Risks from Poorly Chosen Keys - Lomas, Gong et al. - 1989
40: On Message Integrity in Cryptographic Protocols - Stubblebine, Gligor - 1992
27: A Security Risk of Depending on Synchronized Clocks - Gong - 1992
24: Authentication Revisited - Needham, Schroeder - 1987
20: Efficient and Timely Mutual Authentication - Otway, Rees - 1987
20: Cryptographic Protocols for Distributed Systems - Gong - 1990
17: UNIX Password Security - Ten Years Later - Feldmeier, Karn
8: Password Cracking: A Game of Wits - Seeley - 1989
7: The Data Encryption Standard: Past and Future - Smid, Branstad - 1988
7: Foiling the Cracker: A Survey of, and Improvements to, Passw.. - Klein - 1990
7: Verifiable-Text Attacks in Cryptographic Protocols - Gong - 1990
6: A Note on Redundancy in Encrypted Messages - Gong - 1990
3: Financial Institution Message Authentication (Wholesale - Standard - 1986
1: Password Usage - Bureau, Standards - 1985
1: VAX/VMS System Management: Guide to VMS System Security - Corporation - 1989
1: Secure Networking - Microsystems - 1988
Documents on the same site (http://www.csl.sri.com/~gong/papers/pubs93.html):
Increasing Availability and Security of an Authentication Service - Gong (1993)
Variations on the Themes of Message Freshness and Replay - or the.. - Gong (1993)
Lower Bounds on Messages and Rounds for Network Authentication.. - Li Gong (1993)
CiteSeer.IST - Copyright Penn State and NEC