Paper 2020/320
Universally Composable Relaxed Password Authenticated Key Exchange
Michel Abdalla, Manuel Barbosa, Tatiana Bradley, Stanislaw Jarecki, Jonathan Katz, and Jiayu Xu
Abstract
Protocols for password authenticated key exchange (PAKE) allow two parties who share only a weak password to agree on a cryptographically strong key. We revisit the notion of PAKE in the framework of universal composability, and propose a relaxation of the PAKE functionality of Canetti et al. that we call lazy-extraction PAKE (lePAKE). Roughly, our relaxation allows the ideal-world adversary to postpone its password guess even until after a session is complete. We argue that this relaxed notion still provides meaningful security in the password-only setting. As our main result, we show that several PAKE protocols that were previously only proven secure with respect to a "game-based" definition can in fact be shown to realize the lePAKE functionality in the random-oracle model. These include SPEKE, SPAKE2, and TBPEKE, the most efficient PAKE schemes currently known.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Password authenticationkey exchangeuniversal composabilityPAKE
- Contact author(s)
-
michel abdalla @ ens fr
mbb @ fc up pt
tebradle @ uci edu
sjarecki @ uci edu
jkatz2 @ gmail com
jiayux @ umd edu - History
- 2020-03-15: received
- Short URL
- https://ia.cr/2020/320
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/320,
author = {Michel Abdalla and Manuel Barbosa and Tatiana Bradley and Stanislaw Jarecki and Jonathan Katz and Jiayu Xu},
title = {Universally Composable Relaxed Password Authenticated Key Exchange},
howpublished = {Cryptology {ePrint} Archive, Paper 2020/320},
year = {2020},
url = {https://eprint.iacr.org/2020/320}
}
