Password-Based User Authentication Protocol for Mobile Environment

  • Sung-Won Moon
  • Young-Gab Kim
  • Chang-Joo Moon
  • Doo-Kwon Baik
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3961)


As mobile technologies evolve, mobile services tend to continuously expand and diversify. Therefore, developing security services appropriate for mobile environments is indispensable. This paper concentrates on how password-based user authentication protocols are applied to mobile environment, proposing the Password-based Authentication using Group Servers (PAGS) protocol. This protocol is able to provide authentication services relevant to mobile equipments to reduce complicated client processes in existing protocols. PAGS has the same security as protocols in [4,9], however this protocol is more appropriate for mobile equipments.


Agent Server Authentication Protocol Mobile Environment Secure Channel Dictionary Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bellovin, S.M., Merritt, M.: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. In: Proceedings of the I.E.E.E. Symposium on Research in Security and Privacy, Oakland (May 1992)Google Scholar
  2. 2.
    Bellovin, S., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password-file compromise. In: ACM Conference on Computer and Communications Security (1993)Google Scholar
  3. 3.
    Jablon, D.: Strong password-only authenticated key exchange. ACM Computer Communications Review (October 1996)Google Scholar
  4. 4.
    Ford, W., Kaliski, B.: Server-Assisted Generation of a Strong Secret from a Password. In: Proc. 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, IEEE, June 14-16 (2000)Google Scholar
  5. 5.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 139. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Gong, L., Lomas, T.M.A., Needham, R.M., Saltzer, J.H.: Protecting Poorly Chosen Secrets from Guessing Attacks. IEEE Journal on Selected Areas in Communications 11(5), 648–656 (1993)CrossRefGoogle Scholar
  7. 7.
    Perlman, R., Kaufman, C.: Secure Password-Based Protocol for Downloading a Private Key. In: Proc. 01999 Network and Distributed System Security Symposium, Internet Society (January 1999)Google Scholar
  8. 8.
    van Oorschot, P.C., Wiener, M.J.: On Diffie-Hellman Key Agreement with Short Exponents. In: Maurer, U.M. (ed.) EUROCRYPT 1996. van Oorschot, P.C., Wiener, M.J, vol. 1070, pp. 332–343. Springer, Heidelberg (1996)Google Scholar
  9. 9.
    Jablon, D.P.: Password Authentication Using Multiple Servers. In: The Cryptographers’ Track at RSA Conference 2001, San Francisco, CA, USA, April 8-12 (2001)Google Scholar
  10. 10.
    Mackenzie, P., Shrimpton, T., Jakobsson, M.: Threshold Password-Authenticated Key Exchange. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 385–400. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Mackenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 599. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  12. 12.
    Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, Springer, Heidelberg (2000)Google Scholar
  13. 13.
    Di Raimondo, M., Gennaro, R.: Provably Secure Threshold Password-Authenticated Key Exchange Extended Abstract. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 507–523. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Sung-Won Moon
    • 1
  • Young-Gab Kim
    • 2
  • Chang-Joo Moon
    • 3
  • Doo-Kwon Baik
    • 2
  1. 1.Mobile handset R&D Center, Mobile Communications CompanyLG ElectronicsSeoulKorea
  2. 2.Software System Lab. Dept.of Computer Science & EngineeringKorea University 1SeoulKorea
  3. 3.Department of Computer ScienceKonkuk UniversityChungju-si, Chungcheongbuk-doKorea

Personalised recommendations