Cryptology ePrint Archive: Report 2007/326
Efficient Password-based Authenticated Key Exchange without Public Information
Jun Shao and Zhenfu Cao and Licheng Wang and Rongxing Lu
Abstract: Since the first password-based authenticated key exchange (PAKE) was
proposed, it has enjoyed a considerable amount of interest from the
cryptographic research community. To our best knowledge, most of
proposed PAKEs based on Diffie-Hellman key exchange need some public
information, such as generators of a finite cyclic group. However,
in a client-server environment, not all servers use the same public
information, which demands clients authenticate those public
information before beginning PAKE. It is cumbersome for users.
What's worse, it may bring some secure problems with PAKE, such as
substitution attack. To remove these problems, in this paper, we
present an efficient password-based authenticated key exchange
protocol without any public information. We also provide a
formal security analysis in the non-concurrent setting, including
basic security, mutual authentication, and forward secrecy, by using
the random oracle model.
Category / Keywords: cryptographic protocols / PAKE
Publication Info: An extended abstract of this paper appears in ESORICS 2007, J. Biskup and J. Lopez (Eds.), volume 4734 of LNCS, pp. 299-310, Sringer-Verlag, 2007.
Date: received 18 Aug 2007
Contact author: chn junshao at gmail com
Available format(s): PDF | BibTeX Citation
Note: An extended abstract of this paper appears in ESORICS 2007, J. Biskup and J. Lopez (Eds.), volume 4734 of LNCS, pp. 299-310, Sringer-Verlag, 2007.
Version: 20070820:072211 (All versions of this report)
Short URL: ia.cr/2007/326
[ Cryptology ePrint archive ]