Paper 2010/147

A New Framework for Password-Based Authenticated Key Exchange

Adam Groce and Jonathan Katz


Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction offers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability~(UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. ACM CCCS 2010
password-based key exchange
Contact author(s)
jkatz @ cs umd edu
2010-06-22: revised
2010-03-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Adam Groce and Jonathan Katz},
      title = {A New Framework for Password-Based Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2010/147},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.