Zero-knowledge password proof

A zero-knowledge password proof (ZKPP) refers to a password-authenticated key agreement protocol that is secure against off-line dictionary attacks. The terminology "zero-knowledge password proof" is not used in the technical (cryptographic) literature, and is somewhat of a misnomer as it does not have much in common with zero-knowledge proofs. (Technically speaking, existing password-authenticated key agreement protocols are not zero knowledge.) The terminology ZKPP likely developed based on the intuitive idea that a secure protocol for password-authenticated key agreement works by convincing the server that the client knows the correct password without sending the password to the server in the clear.

External links

* IEEE P1363.2: Proposed Standard for Password-Based Public-Key Cryptography (http://grouper.ieee.org/groups/1363/passwdPK/index.html)
* David Jablon's links for password-based cryptography (http://jablon.org/passwordlinks.html)


Wikimedia Foundation. 2010.
