Password-based cryptography
- Password-based cryptography
Password-based cryptography generally refers to two distinct classes of methods:
*Single-party methods
*Multi-party methods
ingle party methods
Some systems attempt to derive a cryptographic key directly from a password. However, such practice is generally ill-advised when there is a threat of brute-force attack. Techniques to mitigate such attack include passphrases and iterated (deliberately-slow) password-based key derivation functions such as PBKDF2 (RFC 2898).
Multi-party methods
Password-authenticated key agreement systems allow two or more parties that agree on a password (or password-related data)to derive shared keys without exposing the password or keys to network attack.Earlier generations of challenge-response authentication systemshave also been used with passwords, but these have generallybeen subject to eavesdropping and/or brute-force attacks on the password.
ee also
*Password
*Passphrase
*Password-authenticated key agreement
Wikimedia Foundation.
2010.
Look at other dictionaries:
Password — For other uses, see Password (disambiguation). A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password… … Wikipedia
Password-authenticated key agreement — In cryptography, a password authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party s knowledge of a password. Contents 1 Types 2 Brief history 3 See also … Wikipedia
Password strength — is a measurement of the effectiveness of a password as an authentication credential. Specifically, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to correctly guess it. The… … Wikipedia
Topics in cryptography — This article is intended to be an analytic glossary , or alternatively, an organized collection of annotated pointers.Classical ciphers*Autokey cipher *Permutation cipher*Polyalphabetic substitution **Vigenère cipher*Polygraphic substitution… … Wikipedia
SPEKE (cryptography) — SPEKE (Simple Password Exponential Key Exchange) is a cryptographic method for password authenticated key agreement.DescriptionThe protocol consists of little more than a Diffie Hellman key exchange where the Diffie Hellman generator g is created … Wikipedia
Zero-knowledge password proof — A zero knowledge password proof (ZKPP) refers to a password authenticated key agreement protocol that is secure against off line dictionary attacks. The terminology zero knowledge password proof is not used in the technical (cryptographic)… … Wikipedia
Cryptography — Secret code redirects here. For the Aya Kamiki album, see Secret Code. Symmetric key cryptography, where the same key is used both for encryption and decryption … Wikipedia
Cryptography standards — There are a number of standards related to cryptography. Standard algorithms and protocols provide a focus for study; standards for popular applications attract a large amount of cryptanalysis. Contents 1 Encryption standards 2 Hash standards 3… … Wikipedia
Outline of cryptography — See also: Index of cryptography articles The following outline is provided as an overview of and topical guide to cryptography: Cryptography (or cryptology) – practice and study of hiding information. Modern cryptography intersects the… … Wikipedia
Public-key cryptography — In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key … Wikipedia
