Paper 2002/192

Security Proofs for an Efficient Password-Based Key Exchange

Emmanuel Bresson, Olivier Chevassut, and David Pointcheval

Abstract

Password-based key exchange schemes are designed to provide entities communicating over a public network, and sharing a (short) password only, with a session key (e.g, the key is used for data integrity and/or confidentiality). The focus of the present paper is on the analysis of very efficient schemes that have been proposed to the IEEE P1363 Standard working group on password-based authenticated key-exchange methods, but for which actual security was an open problem. We analyze the AuthA key exchange scheme and give a complete proof of its security. Our analysis shows that the AuthA protocol and its multiple modes of operation are provably secure under the computational Diffie-Hellman intractability assumption, in both the random-oracle and the ideal-cipher models.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
key exchangedictionary attack
Contact author(s)
David Pointcheval @ ens fr
History
2003-10-23: revised
2002-12-19: received
See all versions
Short URL
https://ia.cr/2002/192
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2002/192,
      author = {Emmanuel Bresson and Olivier Chevassut and David Pointcheval},
      title = {Security Proofs for an Efficient Password-Based Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2002/192},
      year = {2002},
      url = {https://eprint.iacr.org/2002/192}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.