Paper 2001/031

Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords

Jonathan Katz, Rafail Ostrovsky, and Moti Yung

Abstract

We present an efficient password-authenticated key exchange protocol which is secure against off-line dictionary attacks even when users choose passwords from a very small space (say, a dictionary of English words). We prove security in the standard model under the decisional Diffie-Hellman assumption, assuming public parameters generated by a trusted party. Compared to the recent work of Goldreich and Lindell (which was the first to give a secure construction, under general assumptions, in the standard model), our protocol requires only 3 rounds and is efficient enough to be used in practice.

Note: Revised to indicate that this is an expanded version of the paper that will appear at Eurocrypt 2001.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Eurocrypt, 2001.
Keywords
key exchangediffie-hellmanpassword
Contact author(s)
jkatz @ cs columbia edu
History
2001-04-27: received
Short URL
https://ia.cr/2001/031
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2001/031,
      author = {Jonathan Katz and Rafail Ostrovsky and Moti Yung},
      title = {Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords},
      howpublished = {Cryptology {ePrint} Archive, Paper 2001/031},
      year = {2001},
      url = {https://eprint.iacr.org/2001/031}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.