Paper 2013/833
Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions
Fabrice Benhamouda and David Pointcheval
Abstract
While password-authenticated key exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called Augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed to quantify the actual security of a protocol in the standard model. The unique model proposed so far is an ideal functionality in the universal composability (UC) framework, but is only meaningful in idealized models. In this paper, we first enhance the Bellare-Pointcheval-Rogaway game-based model for PAKE to VPAKE protocols, and then propose the first game-based security model for both PAKE and VPAKE protocols that additionally handles related passwords. It also allows a VPAKE protocol to be secure in the standard model. We then propose several VPAKE candidates which involve smooth projective hash functions and multi-linear maps.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Multi-linear mapssmooth projective hash functionsauthenticationkey exchange
- Contact author(s)
- fabrice ben hamouda @ ens fr
- History
- 2014-10-14: revised
- 2013-12-16: received
- See all versions
- Short URL
- https://ia.cr/2013/833
- License
-
CC BY