Lixi Zhou, Jiaqing Chen, et al.
VLDB
Paper
Secure Password-Based Cipher Suite for TLS
Abstract
SSL is the de facto standard today for securing end-to-end transport on the Internet. While the protocol itself seems rather secure, there are a number of risks that lurk in its use, for example, in web banking. However, the adoption of password-based key-exchange protocols can overcome some of these problems. We propose the integration of such a protocol (DH-EKE) in the TLS protocol, the standardization of SSL by IETF. The resulting protocol provides secure mutual authentication and key establishment over an insecure channel. It does not have to resort to a PKI or keys and certificates stored on the users computer. Additionally, its integration in TLS is as minimal and non-intrusive as possible. © 2001, ACM. All rights reserved.
Related
Conference paper
QALD-3: Multilingual question answering over linked data
Elena Cabrio, Philipp Cimiano, et al.
CLEF 2013
Fan Zhang, Junwei Cao, et al.
IEEE TETC
Conference paper
Performance measurement and data base design
Alfonso P. Cardenas, Larry F. Bowman, et al.
ACM Annual Conference 1975