{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00074815","sets":["6164:6165:6462:6463"]},"path":["6463"],"owner":"5","recid":"74815","title":["Understanding Server-Compromise Impersonation Attacks in Augmented PAKE "],"pubdate":{"attribute_name":"公開日","attribute_value":"2009-10-19"},"_buckets":{"deposit":"e2f8f220-38cf-447b-b2a0-15821c0e02aa"},"_deposit":{"id":"74815","pid":{"type":"depid","value":"74815","revision_id":0},"owners":[5],"status":"published","created_by":5},"item_title":"Understanding Server-Compromise Impersonation Attacks in Augmented PAKE ","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"Understanding Server-Compromise Impersonation Attacks in Augmented PAKE "},{"subitem_title":"Understanding Server-Compromise Impersonation Attacks in Augmented PAKE ","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"プロトコル","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2009-10-19","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"(独)産業技術総合研究所情報セキュリティ研究センター"},{"subitem_text_value":"(独)産業技術総合研究所情報セキュリティ研究センター"},{"subitem_text_value":"(独)産業技術総合研究所情報セキュリティ研究センター/中央大学理工学部電気電子情報通信工学科"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"RCIS","subitem_text_language":"en"},{"subitem_text_value":"RCIS","subitem_text_language":"en"},{"subitem_text_value":"RCIS/AIST\n \n \n \n ","subitem_text_language":"en"},{"subitem_text_value":"RCIS","subitem_text_language":"en"},{"subitem_text_value":"RCIS/AIST\n \n \n \n ","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/74815/files/IPSJ-CSS2009B82.pdf"},"date":[{"dateType":"Available","dateValue":"2011-10-19"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2009B82.pdf","filesize":[{"value":"195.2 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"44d616a4-3331-4486-bd8b-6d6647c139d4","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2009 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"辛, 星漢"},{"creatorName":"古原, 和邦"},{"creatorName":"今井, 秀樹"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"SeongHan, Shin","creatorNameLang":"en"},{"creatorName":"Kazukuni, Kobara","creatorNameLang":"en"},{"creatorName":"Hideki, Imai","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"Augmented PAKE (Password-Authenticated Key Exchange) プロトコルはパスワードのみで認証付き鍵共有をしながらさらに Server-Compromise Impersonation (SCI) 攻撃にも安全性を有する者である。現在、複数の augmented PAKE プロトコルが ISO/IEC JTC1/SC 2711770-4 で標準化され、IEEE P1363.2 working group でも標準化が検討されている。本稿では、Serve-Compromise Impersonation (SCI) 攻撃を再考察することで二つの augmented PAKE プロトコルが実は SCI 攻撃に安全ではないことを示す。","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"An augmented PAKE (Password-Authenticated Key Exchange) protocol is said to be secure against server-compromise impersonation attacks if an attacker who obtained client's password vertification data from a server cannot impersonate the client without performing offline dictionary attacks on the passoword vertification data. Until now, several augmented PAKE protocols have been standarized in ISO/IEC JTC1/SC 27 11770-4 and are being standardized in IEEE P1363.2 working group. In this paper, we revisit server-compromise impersonation attacks by showing that two augmented PAKE protocols (claimed to be secure) are actually insecure against server-compromise impersonation attacks. more specifically, we present generic server-compromise impersonation attacks on the two augmented PAKE prococols.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"6","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2009 (CSS2009) 論文集"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2011-10-12","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2009"}]},"relation_version_is_last":true,"weko_creator_id":"5"},"id":74815,"updated":"2025-01-21T21:24:36.183322+00:00","links":{},"created":"2025-01-18T23:32:11.086233+00:00"}