Paper 2010/147

A New Framework for Password-Based Authenticated Key Exchange

Adam Groce and Jonathan Katz

Abstract

Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction offers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability~(UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ACM CCCS 2010
Keywords
password-based key exchange
Contact author(s)
jkatz @ cs umd edu
History
2010-06-22: revised
2010-03-20: received
See all versions
Short URL
https://ia.cr/2010/147
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2010/147,
      author = {Adam Groce and Jonathan Katz},
      title = {A New Framework for Password-Based Authenticated Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/147},
      year = {2010},
      url = {https://eprint.iacr.org/2010/147}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.