HPAKE : Password authentication secure against cross-site user impersonation

Boyen, Xavier (2009) HPAKE : Password authentication secure against cross-site user impersonation. Lecture Notes in Computer Science, 5888, pp. 279-298.

View at publisher


We propose a new kind of asymmetric mutual authentication from passwords with stronger privacy against malicious servers, lest they be tempted to engage in “cross-site user impersonation” to each other.

It enables a person to authenticate (with) arbitrarily many independent servers, over adversarial channels, using a memorable and reusable single short password. Beside the usual PAKE security guarantees, our framework goes to lengths to secure the password against brute-force cracking from privileged server information.

Impact and interest:

2 citations in Scopus
2 citations in Web of Science®
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

ID Code: 69181
Item Type: Journal Article
Refereed: Yes
Additional Information: Proceedings of the 8th International Conference, CANS 2009, Kanazawa, Japan, December 12-14, 2009.
Additional URLs:
Keywords: Data Encryption , Systems and Data Security
DOI: 10.1007/978-3-642-10433-6_19
ISSN: 1611-3349 (online) 0302-9743 (print)
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2009 Springer-Verlag Berlin Heidelberg
Copyright Statement: Author's Pre-print: author can archive pre-print (ie pre-refereeing)
Author's Post-print: author can archive post-print (ie final draft post-refereeing)
Publisher's Version/PDF: author cannot archive publisher's version/PDF
Deposited On: 25 Mar 2014 23:51
Last Modified: 16 Jul 2014 05:52

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page