Paper 2003/032

A Framework for Password-Based Authenticated Key Exchange

Rosario Gennaro and Yehuda Lindell


In this paper we present a general framework for password-based authenticated key exchange protocols, in the common reference string model. Our protocol is actually an abstraction of the key exchange protocol of Katz et al.\ and is based on the recently introduced notion of smooth projective hashing by Cramer and Shoup. We gain a number of benefits from this abstraction. First, we obtain a modular protocol that can be described using just three high-level cryptographic tools. This allows a simple and intuitive understanding of its security. Second, our proof of security is significantly simpler and more modular. Third, we are able to derive analogues to the Katz et al.\ protocol under additional cryptographic assumptions. Specifically, in addition to the DDH assumption used by Katz et al., we obtain protocols under both the Quadratic and $N$-Residuosity assumptions. In order to achieve this, we construct new smooth projective hash functions.

Available format(s)
Publication info
Published elsewhere. In Eurocrypt 2003
Passwordskey exchangeprojective hash functions
Contact author(s)
rosario @ watson ibm com
2004-06-24: last of 7 revisions
2003-02-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Rosario Gennaro and Yehuda Lindell},
      title = {A Framework for Password-Based Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2003/032},
      year = {2003},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.