Paper 2015/606

Constructing Efficient PAKE Protocols from Identity-Based KEM/DEM

Kyu Young Choi, Jihoon Cho, Jung Yeon Hwang, and Taekyoung Kwon

Abstract

In this paper, we propose an efficient identity-based password authenticated key exchange (IBPAKE) protocol using identity-based KEM/DEM. In IBPAKE, a client conducts authentication based on a human-memorable password and a server's identity. A distinctive feature of IBPAKE protocols, compared to the well-known EKE-type PAKE protocols, is that an adversary who even acquired a user's password cannot impersonate a server to further investigate user's sensitive information. We first construct the new IBPAKE protocol using the Boneh-Franklin Identity-based encryption (IBE) scheme, and then generalize the protocol by presenting a generic method to yield an efficient IBPAKE protocol from identity-based KEM/DEM. Our fine-grained approach has concrete advantages in terms of performance. First, unnecessary parameters can be removed easily. This allows a straightforward improvement on computational cost and communication bandwidth. In addition, using the essential feature of identity-based KEM/DEM, we can construct an IBPAKE protocol which runs in a single pass. Our protocol gives better performance, compared to prior known IBPAKE protocols.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
PAKEIBPAKEIBE
Contact author(s)
ky12 choi @ samsung com
History
2015-06-28: received
Short URL
https://ia.cr/2015/606
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/606,
      author = {Kyu Young Choi and Jihoon Cho and Jung Yeon Hwang and Taekyoung Kwon},
      title = {Constructing Efficient PAKE Protocols from Identity-Based KEM/DEM},
      howpublished = {Cryptology ePrint Archive, Paper 2015/606},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/606}},
      url = {https://eprint.iacr.org/2015/606}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.