Secure Sessions from Weak Secrets

B. Christianson, M. Roe, D. Wheeler

    Research output: Contribution to journalArticlepeer-review

    5 Citations (Scopus)
    39 Downloads (Pure)


    Sometimes two parties who already share a weak secret k such as a password wish to share also a strong secret s such as a session key without revealing information about k to an active attacker. We assume that both parties can generate strong random numbers and forget secrets, and present new protocols for secure strong secret sharing, based on RSA, Diffie-Hellman, and El-Gamal. As well as being simpler and quicker than their predecessors, our protocols also have stronger security properties. In particular, our protocols make no cryptographic use of s and so do not impose subtle restrictions upon the use which is subsequently made of s by other protocols. Neither do we rely upon the existence of hash functions with serendipitous properties. In the course of presenting these protocols, we also consider how to frustrate some new types of cryptographic and system attack.
    Original languageEnglish
    Pages (from-to)190-205
    JournalLecture Notes in Computer Science (LNCS)
    Publication statusPublished - 2005


    Dive into the research topics of 'Secure Sessions from Weak Secrets'. Together they form a unique fingerprint.

    Cite this