Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Refinement and extension of encrypted key exchange
ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks
ACM SIGOPS Operating Systems Review
Three-party encrypted key exchange: attacks and a solution
ACM SIGOPS Operating Systems Review
Password-Authenticated Key Exchange between Clients with Different Passwords
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A survey of certificateless encryption schemes and security models
International Journal of Information Security
Password-Authenticated Key Exchange between Clients in a Cross-Realm Setting
NPC '08 Proceedings of the IFIP International Conference on Network and Parallel Computing
Efficient and Strongly Secure Password-Based Server Aided Key Exchange (Extended Abstract)
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A New Client-to-Client Password-Authenticated Key Agreement Protocol
IWCC '09 Proceedings of the 2nd International Workshop on Coding and Cryptology
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Cryptanalysis of two provably secure cross-realm C2C-PAKE protocols
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Examining indistinguishability-based proof models for key establishment protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Interactive diffie-hellman assumptions with applications to password-based authentication
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Efficient and provably secure client-to-client password-based key exchange protocol
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Password-Based authenticated key exchange in the three-party setting
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Password based server aided key exchange
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Secure cross-realm C2C-PAKE protocol
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
| Hi-index | 0.00 |
In this paper, we extend password-based server aided key exchange (PSAKE) to the cross-realm setting which two clients in two different realms with different passwords can exchange a session key through their corresponding servers, i.e., there are two servers. We cannot simply apply the previous security model of PSAKE to cross-realm setting because there is the difference between security properties which can be captured in the previous setting and in the new setting. Therefore, we define a new formal security model of cross-realm PSAKE. Our model captures all desirable security requirements, like resistance to leakage of ephemeral private keys, to key-compromise impersonation and to undetectable on-line dictionary attack. Furthermore, we propose a concrete construction of cross-realm PSAKE with the optimal number of rounds for a client, which is secure in the sense of our model. Our scheme assumes no pre-established secure channels between different realms unlike previous schemes, but just authenticated channels between different realms.