Reducing risks from poorly chosen keys
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Password-authenticated 3PEKE with Round Efficiency without Server's Public Key
CW '05 Proceedings of the 2005 International Conference on Cyberworlds
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Examining indistinguishability-based proof models for key establishment protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Interactive diffie-hellman assumptions with applications to password-based authentication
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Password-Based authenticated key exchange in the three-party setting
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Password based server aided key exchange
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Three-party password-based authenticated key exchange protocol based on bilinear pairings
ICICA'10 Proceedings of the First international conference on Information computing and applications
Cross-realm password-based server aided key exchange
WISA'10 Proceedings of the 11th international conference on Information security applications
Stronger security model of group key agreement
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Gateway-oriented password-authenticated key exchange protocol with stronger security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Provably secure three-party password-based authenticated key exchange protocol
Information Sciences: an International Journal
Cryptanalysis of an efficient three-party password-based key exchange scheme
International Journal of Communication Systems
| Hi-index | 0.00 |
In ACNS'06, Cliff et al. proposed the password-based server aided key exchange (PSAKE) as one of password-based authenticated key exchanges in the three-party setting (3-party PAKE) in which two clients with different passwords exchange a session key by the help of their corresponding server. Though they also studied a strong security definition of 3-party PAKE, their security model is not strong enough because there are desirable security properties which cannot be captured. In this paper, we define a new formal security model of 3-party PAKE which is stronger than the previous model. Our model captures all known desirable security requirements of 3-party PAKE, like resistance to key-compromise impersonation, to leakage of ephemeral private keys of servers and to undetectable on-line dictionary attack. Also, we propose a new scheme as an improvement of PSAKE with the optimal number of rounds for a client, which is secure in the sense of our model.