Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Public-key cryptography and password protocols
ACM Transactions on Information and System Security (TISSEC)
SIAM Journal on Computing
Session-Key Generation Using Human Passwords Only
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Robust Non-interactive Zero Knowledge
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
On all-or-nothing transforms and password-authenticated key exchange protocols
On all-or-nothing transforms and password-authenticated key exchange protocols
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On the limitations of universally composable two-party computation without set-up assumptions
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Strengthening zero-knowledge protocols using signatures
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A framework for password-based authenticated key exchange
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Concurrent Non-Malleable Commitments
FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Password authenticated key exchange using hidden smooth subgroups
Proceedings of the 12th ACM conference on Computer and communications security
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
Authenticating ad hoc networks by comparison of short digests
Information and Computation
Strong password-based authentication in TLS using the three-party group Diffie Hellman protocol
International Journal of Security and Networks
Halting password puzzles: hard-to-break encryption from human-memorable keys
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Password Mistyping in Two-Factor-Authenticated Key Exchange
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A Universally Composable Group Key Exchange Protocol with Minimum Communication Effort
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Universally Composable Security Analysis of TLS
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Anonymous and Transparent Gateway-Based Password-Authenticated Key Exchange
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Zero-Knowledge Proofs with Witness Elimination
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Distributed Public-Key Cryptography from Weak Secrets
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
On the Theory and Practice of Personal Digital Signatures
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Hidden credential retrieval from a reusable password
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Non-malleable extractors and symmetric key cryptography from weak secrets
Proceedings of the forty-first annual ACM symposium on Theory of computing
Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Efficient and secure authenticated key exchange using weak passwords
Journal of the ACM (JACM)
IC card-based single sign-on system that remains secure under card analysis
Proceedings of the 5th ACM workshop on Digital identity management
HPAKE: Password Authentication Secure against Cross-Site User Impersonation
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Smooth Projective Hashing and Password-Based Authenticated Key Exchange from Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
(Password) authenticated key establishment: from 2-party to group
TCC'07 Proceedings of the 4th conference on Theory of cryptography
AAECC'07 Proceedings of the 17th international conference on Applied algebra, algebraic algorithms and error-correcting codes
An efficient password-only two-server authenticated key exchange system
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Multi-factor authenticated key exchange
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Efficient two-party password-based key exchange protocols in the UC framework
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Faster and shorter password-authenticated key exchange
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Multi-factor password-authenticated key exchange
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
A new framework for efficient password-based authenticated key exchange
Proceedings of the 17th ACM conference on Computer and communications security
Credential authenticated identification and key exchange
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Password-authenticated session-key generation on the internet in the plain model
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Three-party password-based authenticated key exchange protocol based on bilinear pairings
ICICA'10 Proceedings of the First international conference on Information computing and applications
Efficient password-based authenticated key exchange protocol in the UC framework
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Contributory password-authenticated group key exchange with join capability
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Round-optimal password-based authenticated key exchange
TCC'11 Proceedings of the 8th conference on Theory of cryptography
A new security proof of practical cryptographic devices based on hardware, software and protocols
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Multi-factor authenticated key exchange protocol in the three-party setting
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Gateway-oriented password-authenticated key exchange protocol with stronger security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Two-server password-only authenticated key exchange
Journal of Computer and System Sciences
Two-Server password-only authenticated key exchange
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Secure computation without authentication
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Secure remote authentication using biometric data
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A method for making password-based key exchange resilient to server compromise
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Mitigating dictionary attacks on password-protected local storage
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Strong cryptography from weak secrets: building efficient PKE and IBE from distributed passwords
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Key exchange using passwords and long keys
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Robust smart-cards-based user authentication scheme with user anonymity
Security and Communication Networks
Password-Based authenticated key exchange
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Efficient password authenticated key exchange via oblivious transfer
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Relatively-Sound NIZKs and password-based key-exchange
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Multiparty proximity testing with dishonest majority from equality testing
ICALP'12 Proceedings of the 39th international colloquium conference on Automata, Languages, and Programming - Volume Part II
Practical yet universally composable two-server password-authenticated secret sharing
Proceedings of the 2012 ACM conference on Computer and communications security
Anonymous password-based key exchange with low resources consumption and better user-friendliness
Security and Communication Networks
Analysis and improvement of lindell's UC-secure commitment schemes
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Composition of password-based protocols
Formal Methods in System Design
| Hi-index | 0.00 |
We propose and realize a definition of security for password-based key exchange within the framework of universally composable (UC) security, thus providing security guarantees under arbitrary composition with other protocols. In addition, our definition captures some aspects of the problem that were not adequately addressed by most prior notions. For instance, it does not assume any underlying probability distribution on passwords, nor does it assume independence between passwords chosen by different parties. We also formulate a definition of password-based secure channels, and show that such a definition is achievable given password-based key exchange. Our protocol realizing the new definition of password-based key exchange is in the common reference string model and relies on standard number-theoretic assumptions. The components of our protocol can be instantiated to give a relatively efficient solution which is conceivably usable in practice. We also show that it is impossible to satisfy our definition in the “plain” model (e.g., without a common reference string).