nPAKE+: a tree-based group password-authenticated key exchange protocol using different passwords

Authors:
Zhiguo Wan;Robert H. Deng;Feng Bao;Bart Preneel;Ming Gu
Affiliations:
Key Laboratory for Information System Security, Ministry of Education, National Laboratory for Information Science and Technology, School of Software, Tsinghua University, Beijing, China;School of Information Systems, Singapore Management University, Singapore;Institute for Infocomm Research, Singapore;K.U. Leuven, ESAT, SCD, Leuven, Belgium;Key Laboratory for Information System Security, Ministry of Education, National Laboratory for Information Science and Technology, School of Software, Tsinghua University, Beijing, China
Venue:
Journal of Computer Science and Technology
Year:
2009

Citing 27
Cited 0

A secure audio teleconference system

CRYPTO '88 Proceedings on Advances in cryptology
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Refinement and extension of encrypted key exchange

ACM SIGOPS Operating Systems Review
Strong password-only authenticated key exchange

ACM SIGCOMM Computer Communication Review
Secure group communications using key graphs

Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Simple and fault-tolerant key agreement for dynamic collaborative groups

Proceedings of the 7th ACM conference on Computer and communications security
Key Agreement in Dynamic Peer Groups

IEEE Transactions on Parallel and Distributed Systems
Three-party encrypted key exchange: attacks and a solution

ACM SIGOPS Operating Systems Review
Password-Authenticated Key Exchange between Clients with Different Passwords

ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Communication-Efficient Group Key Agreement

IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys

Proceedings of the 5th International Workshop on Security Protocols
Extended Password Key Exchange Protocols Immune to Dictionary Attacks

WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
CLIQUES: A New Approach to Group Key Agreement

ICDCS '98 Proceedings of the The 18th International Conference on Distributed Computing Systems
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
ELK, a New Protocol for Efficient Large-Group Key Distribution

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Security proofs for an efficient password-based key exchange

Proceedings of the 10th ACM conference on Computer and communications security
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A framework for password-based authenticated key exchange

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Forward secrecy in password-only key exchange protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
nPAKE+: a hierarchical group password-authenticated key exchange protocol using different passwords

ICICS'07 Proceedings of the 9th international conference on Information and communications security
N-Party encrypted diffie-hellman key exchange using different passwords

ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Password-Based group key exchange in a constant number of rounds

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Secure password-based authenticated group key agreement for data-sharing peer-to-peer networks

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Constant-Round password-based group key generation for multi-layer ad-hoc networks

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Key agreement in ad hoc networks

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol -- nPAKE+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.