Cryptology ePrint Archive: Report 2017/961

An Offline Dictionary Attack against zkPAKE Protocol

Jose Becerra and Peter Y.A. Ryan and Petra Sala and Marjan Skrobot

Abstract: Password Authenticated Key Exchange (PAKE) allows a user to establish a strong cryptographic key with a server, using only knowledge of a pre-shared password. One of the basic security requirements of PAKE is to prevent offline dictionary attacks.

In this paper, we revisit zkPAKE, an augmented PAKE that has been recently proposed by Mochetti, Resende, and Aranha (SBSeg 2015). Our work shows that the zkPAKE protocol is prone to offline password guessing attack, even in the presence of an adversary that has only eavesdropping capabilities. Therefore, zkPAKE is insecure and should not be used as a key exchange mechanism.

Category / Keywords: cryptographic protocols / PAKE

Date: received 29 Sep 2017, last revised 15 Apr 2019

Contact author: petra sala at uni lu

Available format(s): PDF | BibTeX Citation

Note: Implementation of the attack added to old version

Version: 20190415:124518 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]