Cryptology ePrint Archive: Report 2015/080

The Fairy-Ring Dance: Password Authenticated Key Exchange in a Group

Feng Hao and Xun Yi and Liqun Chen and Siamak F. Shahandashti

Abstract: In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic ``fairy-ring dance'' construction that transforms any secure two-party PAKE scheme to a group PAKE protocol while preserving the round efficiency in the optimal way. Based on this generic construction, we present two concrete instantiations based on using SPEKE and J-PAKE as the underlying PAKE primitives respectively. The first protocol, called SPEKE+, accomplishes authenticated key exchange in a group with explicit key confirmation in just two rounds. This is more round-efficient than any existing group PAKE protocols in the literature. The second protocol, called J-PAKE+, requires one more round than SPEKE+, but is computationally faster. Finally, we present full implementations of SPEKE+ and J-PAKE+ with detailed performance measurements. Our experiments suggest that both protocols are feasible for practical applications in which the group size may vary from three to several dozen. This makes them useful, as we believe, for a wide range of applications -- e.g., to bootstrap secure communication among a group of smart devices in the Internet of Things (IoT).

Category / Keywords: cryptographic protocols /

Date: received 3 Feb 2015, last revised 11 Feb 2015

Contact author: haofeng66 at gmail com

Available format(s): PDF | BibTeX Citation

Note: Updated to be consistent with the camera ready version for IoTPTS'15

Version: 20150211:083951 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]