Password Authentication References

[DS81]
D. Denning and G. Sacco, "Timestamps in Key Distribution Systems", Communications of the ACM, August 1981.

[BM89]
S. M. Bellovin and M. Merritt, "Limitations of the Kerberos Authentication System", Proceedings of the 1991 USENIX Conference, Dallas, TX 1991.

[BM92]
S. M. Bellovin and M. Merritt, "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks", Proceedings of the 1992 IEEE Computer Society Conference on Research in Security and Privacy, May 1992.

[BM94]
S. M. Bellovin and M. Merritt, "Augmented Encrypted Key Exchange: a Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise", AT&T Bell Laboratories (c. 1994).

[HA94]
N. Haller and R. Atkinson, "On Internet Authentication", RFC 1704, Naval Research Laboratory, October 1994.

[STW95]
M. Steiner, G. Tsudik, and M. Waidner, "Refinement and Extension of Encrypted Key Exchange", ACM Operating Systems Review, Vol. 29, No. 3, July 1995.

[Jab96]
D. Jablon, "Strong Password-Only Authenticated Key Exchange", ACM Computer Communications Review, October 1996.

[Sch96]
B. Schneier, "Applied Cryptography", 2nd ed., John Wiley & Sons, 1996.

[Lu97]
S. Lucks, "Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys.", Proceedings of the Security Protocols Workshop, LNCS 1361, Springer-Verlag, Berlin, 1997.

[Wu98]
T. Wu, "The Secure Remote Password Protocol", in Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, San Diego, CA, Mar 1998, pp. 97-111.

[LL99]
Y. K. Lee, J. K. Lee, "EC-SRP Protocol: Elliptic Curve Secure Remote Password Protocol", Korea Institute of Information Security and Cryptology, Vol 9, No. 1, pp. 85-102, 1999.

[MS99]
P. MacKenzie and R. Swaminathan, "Secure Network Authentication with Password Identification", Submission to IEEE P1363a, August 1999.

[Wu99]
T. Wu, "A Real-World Analysis of Kerberos Password Security", in Proceedings of the 1999 Internet Society Network and Distributed System Security Symposium, San Diego, CA, Feb 1999.

[BR00]
M. Bellare and P. Rogaway, "The AuthA Protocol for Password-Based Authenticated Key Exchange", Submission to the IEEE P1363 Password Authentication Study Group, March 14, 2000.

[Kwon00]
T. Kwon, "Authentication and Key Agreement via Memorable Password", Submission to the IEEE P1363 Password Authentication Study Group, May 2000.


Back