Efficient and secure password-based authentication protocols against guessing attacks

We propose authentication and key exchange protocols which are both efficient and secure against password guessing attacks. Conventional authentication protocols have assumed that a strong secret should be shared between communicating participants, in the light of a threat of guessing attacks. A cryptographically long secret would be favored for security reasons, but it is not suitable for users to remember. Recent password-based protocols to defeat guessing attacks are more expensive than previous ones, in terms of the computation and communication costs. Using a one-time pad and a strong one-way hash function, we promote both security and efficiency. Thereby, we also verify our protocol formally. (C) 1998 Elsevier Science B.V.