Consider the following situation: (1) a client, who communicates with a variety of servers, remembers only one password and has insecure devices with very restricted computing power and built-in memory capacity; (2) the counterpart servers have enormous computing power, but they are not perfectly secure; (3) neither PKI (Public Key Infrastructure) nor TRM (Tamper-Resistant Modules) is available. The main goal of this paper is to provide security against the leakage of stored secrets while attaining high efficiency on the client's side. To that end, we propose an efficient and leakage-resilient RSA-based Authenticated Key Establishment (RSA-AKE) protocol suitable for the above situation, whose authenticity is based on a password and an additional stored secret. The RSA-AKE protocol is provably secure in the random oracle model, where an adversary is given the stored secret of the client and the RSA private key of the server. In terms of computation costs, the client is required to compute only one modular exponentiation with an exponent e (e ≥ 3) in the protocol execution. We also show that the RSA-AKE protocol has several security properties and efficiency advantages over previous protocols of its kind.