Password-based group key exchange secure against insider guessing attacks

Authors:
Jin Wook Byun;Dong Hoon Lee;Jongin Lim
Affiliations:
Center for Information Security Technologies (CIST), Korea University, Seoul, Korea;Center for Information Security Technologies (CIST), Korea University, Seoul, Korea;Center for Information Security Technologies (CIST), Korea University, Seoul, Korea
Venue:
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Year:
2005

Citing 10
Cited 5

Refinement and extension of encrypted key exchange

ACM SIGOPS Operating Systems Review
Undetectable on-line password guessing attacks

ACM SIGOPS Operating Systems Review
Provably authenticated group Diffie-Hellman key exchange

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Password-Authenticated Key Exchange between Clients with Different Passwords

ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Interactive diffie-hellman assumptions with applications to password-based authentication

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Cryptanalysis of an improved client-to-client password-authenticated key exchange (C2C-PAKE) scheme

ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
N-Party encrypted diffie-hellman key exchange using different passwords

ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security

Provably Secure N-Party Authenticated Key Exchange in the Multicast DPWA Setting

Information Security and Cryptology
Enhancing Security of a Group Key Exchange Protocol for Users with Individual Passwords

ICCSA '09 Proceedings of the International Conference on Computational Science and Its Applications: Part II
Provably secure password-authenticated group key exchange with different passwords under standard assumption

Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Efficient and provably secure client-to-client password-based key exchange protocol

APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Constant-Round password-based group key generation for multi-layer ad-hoc networks

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing

Quantified Score

Hi-index	0.01

Visualization

Abstract

Very recently, Byun and Lee suggested two provably secure group Diffie-Hellman key exchange protocols using n participant’s distinct passwords. Unfortunately, the schemes were found to be flawed by Tang and Chen. They presented two password guessing attacks such as off-line and undetectable on-line dictionary attacks by malicious insider attacker. In this paper, we present concrete countermeasures for two malicious insider attacks, and modify the two group Diffie-Hellman key exchange protocols to be secure against malicious insider password guessing attacks. Our countermeasures do not require additional round costs, hence they are efficient.