This paper presents an improved password-based authenticated key exchange protocol in the common reference string model. Its security proof requires no idealized assumption (such as random oracles). The protocol is based on the GL framework introduced by Gennaro and Lindell, which generalizes the KOY key exchange protocol of Katz et al. Both the KOY and the GL protocols use (one-time) signatures as a non-malleability tool to prevent a man-in-the-middle attack against the protocol. This hurts the efficiency of the resulting protocol: regular signatures require a large amount of computation (almost as much as the rest of the protocol) and further computational assumptions, while one-time signatures substantially increase the bandwidth requirement. Our improvement avoids digital signatures altogether, replacing them with faster and shorter message authentication codes. The crucial idea is to leverage as much as possible the non-malleability of the encryption scheme used in the protocol, by including various protocol values in the ciphertexts as labels. As in the GL framework, our protocol can be efficiently instantiated under either the DDH, Quadratic Residuosity or N-Residuosity assumptions. For typical security parameters our solution saves as much as 12 Kbytes of bandwidth if the one-time signatures in GL are implemented with fast symmetric primitives. If number-theoretic signatures are used in the GL framework, our solution saves several large exponentiations (almost a third of the exponentiations computed in the GL protocol). The end result is that we bring provable security in the realm of password-authenticated key exchange one step closer to practice.
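The abstract's central idea is that protocol values placed in a ciphertext as a label are bound to that ciphertext, so it cannot be replayed or redirected into a different context, which is what lets a MAC stand in for a signature. The following is an added, stdlib-only Python illustration of that binding property, not the paper's scheme: the paper uses labeled non-malleable public-key encryption (Cramer-Shoup style), whereas this example uses a simplified symmetric encrypt-then-MAC stand-in with a toy SHA-256 keystream. The session identifiers and the `demo` function are constructed for the example; a ciphertext decrypts only under the exact label it was produced with.

```python
"""Label-bound authenticated encryption: an added illustration (not the paper's scheme).

This is a simplified symmetric stand-in for the labeled non-malleable public-key
encryption the abstract refers to. It shows only the binding property a label
provides: a ciphertext produced under one label (here: session id and party
identities, all constructed sample values) is rejected under any other label,
so it cannot be relayed into a different protocol context.
"""
import hashlib
import hmac
import os
from typing import List, Optional

NONCE_LEN = 16
TAG_LEN = 32


def _kdf(key: bytes, purpose: bytes) -> bytes:
    """Derive an independent sub-key from `key` for `purpose` (HMAC used as a KDF)."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from SHA-256; a toy, a real cipher belongs here in practice."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encode_label(parts: List[bytes]) -> bytes:
    """Length-prefix every label component so (a||b, c) and (a, b||c) encode differently."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def encrypt_with_label(key: bytes, label_parts: List[bytes], plaintext: bytes) -> bytes:
    """Encrypt `plaintext`; the MAC covers the label, the nonce and the ciphertext."""
    enc_key, mac_key = _kdf(key, b"enc"), _kdf(key, b"mac")
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, encode_label(label_parts) + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_with_label(key: bytes, label_parts: List[bytes], blob: bytes) -> Optional[bytes]:
    """Return the plaintext, or None if the label, nonce or ciphertext was altered."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _kdf(key, b"enc"), _kdf(key, b"mac")
    expected = hmac.new(mac_key, encode_label(label_parts) + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def transcript_tag(mac_key: bytes, transcript_parts: List[bytes]) -> bytes:
    """MAC over the whole message transcript, the cheap replacement for a signature."""
    return hmac.new(mac_key, encode_label(transcript_parts), hashlib.sha256).digest()


def demo() -> dict:
    """Constructed scenario: one honest session, one relabelled copy, one tampered copy."""
    key = os.urandom(32)
    label = [b"session-42", b"client:alice", b"server:bob"]  # constructed sample values
    blob = encrypt_with_label(key, label, b"protocol message")
    other_session = [b"session-43", b"client:alice", b"server:bob"]
    flipped = blob[:20] + bytes([blob[20] ^ 0x01]) + blob[21:]  # flip one ciphertext bit
    return {
        "honest": decrypt_with_label(key, label, blob),
        "relabelled": decrypt_with_label(key, other_session, blob),
        "tampered": decrypt_with_label(key, label, flipped),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:>10}: {result!r}")
```

The length-prefixed label encoding matters: without it, two different label tuples could serialize to the same byte string and the binding would be weaker than intended. `transcript_tag` shows the shape of the signature replacement the abstract describes, a MAC keyed from session material over the encoded transcript; how that key is derived in the actual protocol is not given in the abstract and is not modelled here.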