Anonymous password-based key exchange with low resources consumption and better user-friendliness

Authors:
Haifeng Qian;Junqing Gong;Yuan Zhou
Affiliations:
Department of Computer Science and Technology, East China Normal University, China;Department of Computer Science and Technology, East China Normal University, China;Network Emergency Response Technical Team/Coordination Center, China
Venue:
Security and Communication Networks
Year:
2012

Citing 26
Cited 0

Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Public-key cryptography and password protocols

ACM Transactions on Information and System Security (TISSEC)
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Session-Key Generation Using Human Passwords Only

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Security proofs for an efficient password-based key exchange

Proceedings of the 10th ACM conference on Computer and communications security
Anonymous and Traceable Authentication Scheme using Smart Cards

ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Protocols for purpose-restricted anonymous communications in IP-based wireless networks

Computer Communications
A New Anonymous Password-Based Authenticated Key Exchange Protocol

INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Very-Efficient Anonymous Password-Authenticated Key Exchange and Its Extensions

AAECC-18 '09 Proceedings of the 18th International Symposium on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
A New Approach for Anonymous Password Authentication

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Public-key cryptosystems based on composite degree residuosity classes

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A framework for password-based authenticated key exchange

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A signature scheme with efficient protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
A secure threshold anonymous password-authenticated key exchange protocol

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Efficient two-party password-based key exchange protocols in the UC framework

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Faster and shorter password-authenticated key exchange

TCC'08 Proceedings of the 5th conference on Theory of cryptography
Purpose-restricted Anonymous Mobile Communications Using Anonymous Signatures in Online Credential Systems

Wireless Personal Communications: An International Journal
Efficient password-based authentication and key exchange scheme preserving user privacy

WASA'06 Proceedings of the First international conference on Wireless Algorithms, Systems, and Applications
Anonymous password-based authenticated key exchange

INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
Simple password-based encrypted key exchange protocols

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Universally composable password-based key exchange

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A public key cryptosystem and a signature scheme based on discrete logarithms

IEEE Transactions on Information Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

Anonymous password authenticated key exchange (APAKE) protocols allow the server to authenticate its clients without revealing their identities. In this paper, we first construct a basic protocol SAPAKE by using the homomorphic encryption scheme and an auxiliary memory device. Compared with the previous ones, SAPAKE is more suitable for those privacy-sensitive applications (e.g., cloud computing) where reducing server payload and improving user experience are both essential. Furthermore, we refine SAPAKE by removing the use of the memory device to gain an enhanced extension SAPAKE+ without increasing the resources consumption. SAPAKE+ achieves better user-friendliness than SAPAKE while it requires publishing more public parameters. Both of our protocols are practical due to their low (computation and communication) resources consumption and better user-friendliness, and achieve provable security in the random oracle model. Copyright © 2012 John Wiley & Sons, Ltd.