Skip to main content
SpringerLink
Log in

Password-Based Protocols

  • Chapter
  • First Online:
Protocols for Authentication and Key Establishment

Part of the book series: Information Security and Cryptography ((ISC))

  • 2848 Accesses

Abstract

Cryptographic authentication relies on possession of a key by the party to be authenticated. Such a key is usually chosen randomly within its domain and can be of length from around 100 bits up to many thousands of bits, depending on the algorithm used and security level desired. Experience has shown [273, 741] that humans find it difficult to remember secrets in the form of passwords of even seven or eight characters. But if all upper- and lower-case letters are used together with the digits 0 to 9 then a random eight-character password represents less than 48 bits of randomness. Therefore we can conclude that even short random keys for cryptographic algorithms cannot be reliably remembered by humans. Another way to express this is that it can be assumed that a computer is able to search through all possible passwords in a short time.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 119.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Author information

Authors and Affiliations

  1. Department of Information Security and Communication Technology, Norwegian University of Science and Technology, Trondheim, Norway

    Colin Boyd

  2. Dhirubhai Ambani Institute of Information and Communication Technology (DA-IICT), Gandhinagar, Gujarat, India

    Anish Mathuria

  3. Department of Combinatorics and Optimization, University of Waterloo, Waterloo, ON, Canada

    Douglas Stebila

Authors
  1. Colin Boyd
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anish Mathuria
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Douglas Stebila
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer-Verlag GmbH Germany, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Boyd, C., Mathuria, A., Stebila, D. (2020). Password-Based Protocols. In: Protocols for Authentication and Key Establishment. Information Security and Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-58146-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-58146-9_8

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-58145-2

  • Online ISBN: 978-3-662-58146-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation