Provably secure three-party password-based authenticated key exchange protocol

Authors:
Jianjie Zhao;Dawu Gu
Affiliations:
School of Information Security Engineering, Shanghai Jiao Tong University, Shanghai 200240, People's Republic of China;Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, People's Republic of China
Venue:
Information Sciences: an International Journal
Year:
2012

Citing 36
Cited 4

Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Refinement and extension of encrypted key exchange

ACM SIGOPS Operating Systems Review
Cryptography: Theory and Practice,Second Edition

Cryptography: Theory and Practice,Second Edition
On Key Distribution Systems

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
A Key Distribution "Paradox"

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Validation of Elliptic Curve Public Keys

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Implementing the Tate Pairing

ANTS-V Proceedings of the 5th International Symposium on Algorithmic Number Theory
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Number theoretic attacks on secure password schemes

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Secure key agreement protocols for three-party against guessing attacks

Journal of Systems and Software - Special issue: Software engineering education and training
Security weakness in a three-party pairing-based protocol for password authenticated key exchange

Information Sciences: an International Journal
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS

Designs, Codes and Cryptography
Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)

Information Sciences: an International Journal
A round- and computation-efficient three-party authenticated key exchange protocol

Journal of Systems and Software
The Random Oracle Model and the Ideal Cipher Model Are Equivalent

CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Enhanced password-based simple three-party key exchange protocol

Computers and Electrical Engineering
Efficient and Strongly Secure Password-Based Server Aided Key Exchange (Extended Abstract)

INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Forward secrecy in password-only key exchange protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Stronger security of authenticated key exchange

ProvSec'07 Proceedings of the 1st international conference on Provable security
Authenticated key exchange and key encapsulation in the standard model

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
The twin Diffie-Hellman problem and applications

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Efficient two-party password-based key exchange protocols in the UC framework

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges

Information Sciences: an International Journal
An insider-resistant group key exchange protocol without signatures

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
A communication-efficient three-party password authenticated key exchange protocol

Information Sciences: an International Journal
Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
On the importance of public-key validation in the MQV and HMQV key agreement protocols

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Interactive diffie-hellman assumptions with applications to password-based authentication

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Password-Based authenticated key exchange in the three-party setting

PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Simple password-based encrypted key exchange protocols

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
HMQV: a high-performance secure diffie-hellman protocol

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Password based server aided key exchange

ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
One-Round protocol for two-party verifier-based password-authenticated key exchange

CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security

Dynamically generate a long-lived private key based on password keystroke features and neural network

Information Sciences: an International Journal
Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol

Information Sciences: an International Journal
Finding and fixing vulnerabilities in several three-party password authenticated key exchange protocols without server public keys

Information Sciences: an International Journal
Provably secure three party encrypted key exchange scheme with explicit authentication

Information Sciences: an International Journal

Quantified Score

Hi-index	0.07

Visualization

Abstract

A three-party password-based authenticated key exchange (3PAKE) protocol is a useful mechanism to establish a secure session key in a network. However, most current 3PAKE protocols only achieve ''heuristic'' security; the underlying hardness assumptions of these protocols are not perfect. We propose a 3PAKE protocol which is provably secure if the Diffie-Hellman problem is computationally infeasible (the CDH assumption), even in the 3eCK model where the adversary is allowed to make more queries and have more freedom than previous models. In our formal proof, we use the trapdoor test technique introduced by Cash, Kiltz and Shoup to construct an efficient decision oracle. As far as we know, our protocol is the first provably secure 3PAKE protocol based on the CDH assumption and the first 3PAKE protocol using the trapdoor test technique for the security proof.