Abstract
We propose a new password-based 3-party protocol with a formal security proof in the standard model. Under reasonable assumptions we show that our new protocol is more efficient than the recent protocol of Abdalla and Pointcheval (FC 2005), proven in the random oracle model. We also observe some limitations in the model due to Abdalla, Fouque and Pointcheval (PKC 2005) for proving security of such protocols.
Research funded by Australian Research Council through Discovery Project DP0345775.
Extended abstract; for the full version see: http://sky.fit.qut.edu.au/~boydc/papers
Chapter PDF
Similar content being viewed by others
References
Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-Based Authenticated Key Exchange in the Three-Party Setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)
Abdalla, M., Pointcheval, D.: Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 341–356. Springer, Heidelberg (2005), Full version: http://www.di.ens.fr/~pointche/pub.php?reference=AbPo05
Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the thirtieth annual ACM symposium on Theory of computing, pp. 419–428. ACM Press, New York (1998), Full version: www-cse.ucsd.edu/users/mihir/papers/key-distribution.html
Boneh, D.: The Decision Diffie-Hellman Problem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994), Full version: www-cse.ucsd.edu/users/mihir
Bellare, M., Rogaway, P.: Provably secure session key distribution – the three party case. In: Proceedings of the 27th ACM Symposium on the Theory of Computing, pp. 57–66. ACM Press, New York (1995)
Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Errors in Computational Complexity Proofs for Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 624–643. Springer, Heidelberg (2005)
Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining Indistinguishability-Based Proof Models for Key Establishment Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585–604. Springer, Heidelberg (2005)
Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040.ps.gz
Dodis, Y., Gennaro, R., Håstad, J., Krawczyk, H., Rabin, T.: Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 494–510. Springer, Heidelberg (2004)
Gennaro, R., Krawczyk, H., Rabin, T.: Secure Hashed Diffie-Hellman over Non-DDH Groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 361–381. Springer, Heidelberg (2004), Full version in: Cryptology ePrint Archive http://eprint.iacr.org/2004/099
Hitchcock, Y., Boyd, C., González Nieto, J.M.: Modular proofs for key exchange: rigorous optimizations in the Canetti-Krawczyk model. Applicable Algebra in Engineering, Communication and Computing (AAECC) Journal (2005), Special issue on Mathematical Techniques in Cryptology; http://dx.doi.org/10.1007/s00200-005-0185-9
Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Trans. on Information and Systems Security 2(3), 230–268 (1999)
Hitchcock, Y., Tin, Y.S.T., Gonzalez-Nieto, J.M., Boyd, C., Montague, P.: A Password-Based Authenticator: Security Proof and Applications. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 388–401. Springer, Heidelberg (2003)
IEEE (Institute of Electrical and Electronics Engineers, Inc.). P1363.2: Standard specifications for password-based public-key cryptographic techniques (draft version d23) (2006), http://grouper.ieee.org/groups/1363/passwdPK/draft.html
Katz, J., Ostrovsky, R., Yung, M.: Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)
MacKenzie, P.: The PAK suite: Protocols for password-authenticated key exchange. Technical Report 2002-46, DIMACS, 2002–2046 (2002), ftp://dimacs.rutgers.edu/pub/dimacs/TechnicalReports/TechReports/2002/2002-46.ps.gz
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cliff, Y., Tin, Y.S.T., Boyd, C. (2006). Password Based Server Aided Key Exchange . In: Zhou, J., Yung, M., Bao, F. (eds) Applied Cryptography and Network Security. ACNS 2006. Lecture Notes in Computer Science, vol 3989. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11767480_10
Download citation
DOI: https://doi.org/10.1007/11767480_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34703-3
Online ISBN: 978-3-540-34704-0
eBook Packages: Computer ScienceComputer Science (R0)