Cryptology ePrint Archive: Report 2014/017

Two-round password-only authenticated key exchange in the three-party setting

Junghyun Nam and Kim-Kwang Raymond Choo and Juryon Paik and Dongho Won

Abstract: We present the first provably-secure 3-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any 2-party PAKE protocol. The protocol is proven secure in a variant of the widely accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the 2-round 3-party PAKE protocol of Wang, Hu and Li (2010), and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.

Category / Keywords: cryptographic protocols / Password-only authenticated key exchange (PAKE), three-party key exchange, communication round, dictionary attack, implicit key authentication

Date: received 6 Jan 2014, withdrawn 17 Aug 2014

Contact author: jhnam at kku ac kr

Available format(s): (-- withdrawn --)

Version: 20140818:043406 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]