Cryptology ePrint Archive: Report 2000/026
Authentication and Key Agreement via Memorable Password
Abstract: This paper presents a new password authentication and key agreement protocol, AMP, based on the amplified password idea.
The intrinsic problems with password authentication are the password itself has low entropy and the password file is very hard
We present the amplified password proof and the amplified password file for solving these problems.
A party commits the high entropy information and amplifies her password with that information in the amplifed password proof.
She never shows any information except that she knows it.
Our amplified password proof idea is very similar to the zero-knowledge proof in that sense.
We adds one more idea; the amplified password file for password file protection.
A server stores the amplified verifiers in the amplified password file that is secure against a server file compromise and a dictionary
AMP mainly provides the password-verifier based authentication
and the Diffie-Hellman based key agreement, securely and efficiently.
AMP is easy to generalize in any other cyclic groups.
In spite of those plentiful properties, AMP is actually the most efficient protocol among the related protocols
due to the simultaneous multiple exponentiation method.
Several variants such as AMP^i, AMPn, AMP^n+, AMP+, AMP++, and AMP^c are also proposed.
Among them, AMP^n is actually the basic protocol of this paper that describes the amplified password proof idea
while AMP is the most complete protocol that adds the amplified password file.
AMP^i simply removes the amplified password file from AMP.
In the end, we give a comparison to the related protocols in terms of efficiency.
Category / Keywords: cryptographic protocols / authentication, key agreement, password guessing, password verifier, public-key cryptography, discrete logarithm problem, Diffie-Hellman problem, amplified password proof, amplified password file
Publication Info: contribution to the IEEE P1363 study group for future PKC standards
Date: received 5 Jun 2000, revised 29 Jul 2000, revised 29 Jul 2000, revised 10 Aug 2000, revised 23 Aug 2000
Contact author: tkwon at cs berkeley edu or ktk@emerald yonsei ac kr
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20000823:100825 (All versions of this report)
Short URL: ia.cr/2000/026
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]