Pretty-Simple Password-Authenticated Key-Exchange Under Standard Assumptions

Pretty-simple password-authenticated key-exchange protocol proven to be secure in the standard model

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

In this paper, we propose a pretty simple password-authenticated key-exchange protocol which is based on the difficulty of solving the DDH problem. It has the following advantages: (1) Both y1 and y2 in our protocol are independent, and thus they can be pre-computed and sent independently. This speeds up the protocol. (2) Clients and servers can use almost the same algorithm. This reduces the implementation costs without accepting replay attacks and abuse of entities as oracles.

Provably secure password-authenticated key exchange using Diffie-Hellman

Advances in Cryptology—Eurocrypt …, 2000

When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who obtains this information may be able to run an off-line dictionary attack to determine the correct password. We present a new protocol called PAK which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. In addition to the PAK protocol that provides mutual explicit authentication, we also show a more efficient protocol called PPK that is provably secure in the implicit-authentication model. We then extend PAK to a protocol called PAK-X, in which one side (the client) stores a plaintext version of the password, while the other side (the server) only stores a verifier for the password. We formally prove security of PAK-X, even when the server is compromised. Our formal model for password-authenticated key exchange is new, and may be of independent interest.

An enhanced password authenticated key exchange protocol without server public keys

2012 International Conference on ICT Convergence (ICTC), 2012

Password Authenticated Key Exchange (PAKE) protocols permit two entities to generate a large common session key and authenticate each other based on a pre-shared human-memorable password. In 2006, Strangio proposed the DH-BPAKE protocol and claimed that the mentioned protocol is provably secure against several attacks. In this paper, it is shown that the DH-BPAKE protocol is vulnerable to a password compromise impersonation attack and is not efficient due to the number of running steps and its computational load. To overcome these weaknesses, an enhanced PAKE protocol is proposed which provides several security properties. In addition, it is proved that our proposed scheme is more sefficient (Secure & Efficient) in comparison with the DH-BPAKE protocol.

A New Efficient Protocol for Authenticated Key Agreement

International Journal of Computer and Communication Engineering, 2013

Key establishment protocols are among the most important security mechanisms via which two or more parties can generate a common session key in order to encrypt their communications over an otherwise insecure network. In this paper we propose an efficient and secure authenticated key agreement protocol based on the DLP (Discrete Logarithm Problem). The main purpose of this paper is to achieve most of the goals of key agreement. We show that our protocol meets the security attributes and is strong against most potential attacks. In our new protocol we try to provide authentication between users while keeping the number of messages sent as small as possible and by using only one operation each of multiplication, subtraction and exponentiation. We use the Mathematica 9 program to implement the new proposed system.

Threshold password-authenticated key exchange (extended abstract)

Advances in Cryptology, CRYPTO 2002 Proceedings, Lecture Notes in Computer Science, 2002

In most password-authenticated key exchange systems there is a single server storing password verification data. To provide some resilience against server compromise, this data typically takes the form of a one-way function of the password (and possibly a salt, or other public values), rather than the password itself. However, if the server is compromised, this password verification data can be used to perform an offline dictionary attack on the user's password. In this paper we propose an efficient password-authenticated key exchange system involving a set of servers with known public keys, in which a certain threshold of servers must participate in the authentication of a user, and in which the compromise of any fewer than that threshold of servers does not allow an attacker to perform an offline dictionary attack. We prove our system is secure in the random oracle model under the Decision Diffie-Hellman assumption against an attacker that may eavesdrop on, insert, delete, or modify messages between the user and servers, and that compromises fewer than that threshold of servers.

Efficient Password-Authenticated Key Exchange Based on RSA

Lecture Notes in Computer Science, 2006

In , Zhu, et al. proposed an RSA-based password authenticated key exchange scheme which supports short RSA public exponents. The scheme is the most efficient one among all the RSA-based schemes currently proposed when implemented on low-power asymmetric wireless networks. We observe that its performance can be further improved by two modifications. The first modification shortens the size of the message sent from the server to the client. The second modification dramatically reduces the size of the message sent from the client to the server and therefore can be used to significantly reduce the power consumption of the client for wireless communications. We also generalize our modified schemes and formalize the security requirements of all the underlying primitives of which the generic scheme is constituted. A new primitive called password-keyed permutation family is introduced. We show that the security of our password-keyed permutation family is computationally equivalent to the RSA Problem in the random oracle model.

cryptographic-key authenticated key exchange scheme, the two communicating parties do not have any pre-shared cryptographic symmetric key, certificate or support from a trusted third party. Instead they only share a password. The major difficulty in designing a secure password-based protocol is due to the concern of implicated off-line dictionary attacks against a small password space. A password, a passphrase, or a PIN (Personal Identification Number) generally needs to be easy to remember. Usually it has significantly less randomness than its length suggests, or is simply very short in length. In our study, the password space is considered to be so small that an adversary can enumerate it efficiently.

A Novel Password Protected Key Exchange Protocol

Exchanging messages has become more common lately. More people connect with each other in the network and authenticate each other while sharing their data. So users follow many rules of conduct to provide security for their data and for the servers on which they store it. Because all data is stored in a single server, there is a chance that the server's data can be hacked and disclosed. This paper presents a solution to this problem in which the authentication process is shared by two servers. The client has to authenticate to two servers, like a two-step verification. It also includes cryptographic methods to provide security for the data stored in the servers.

Enhanced password-based key establishment protocol

2005

In this paper we analyse a password-based authenticated key establishment protocol due to Laih, Ding and Huang, which enables a user to authenticate himself to a server and negotiate a shared session key. This protocol is also designed to guarantee that a human being is actually involved in an ongoing protocol execution. However we show that the protocol suffers from offline dictionary attacks. We propose an enhanced password-based authenticated key establishment protocol which is secure against offline dictionary attacks, and that possesses an additional feature guaranteeing that a user is involved in each protocol execution.

A Simple Leakage-Resilient Authenticated Key Establishment Protocol, Its Extensions, and Applications

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2005

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review the previous AKE protocols, all of which turn out to be insecure, under the following realistic assumptions: (1) High-entropy secrets that should be stored on devices may leak out due to accidents such as bugs or misconfigurations of the system; (2) The size of a human-memorable secret, i.e. a password, is short enough to memorize, but large enough to avoid on-line exhaustive search;