Paper 2020/987

Fuzzy Asymmetric Password-Authenticated Key Exchange

Andreas Erwig, Julia Hesse, Maximilian Orlt, and Siavash Riahi

Abstract

Password-Authenticated Key Exchange (PAKE) lets users with passwords exchange a cryptographic key. There have been two variants of PAKE which make it more applicable to real-world scenarios:

- Asymmetric PAKE (aPAKE), which aims at protecting a client's password even if the authentication server is untrusted, and
- Fuzzy PAKE (fPAKE), which enables key agreement even if passwords of users are noisy, but "close enough".

Supporting fuzzy password matches eases the use of higher entropy passwords and enables using biometrics and environmental readings (both of which are naturally noisy). Until now, both variants of PAKE have been considered only in separation. In this paper, we consider both of them simultaneously. We introduce the notion of Fuzzy Asymmetric PAKE (fuzzy aPAKE), which protects against untrusted servers and supports noisy passwords. We formulate our new notion in the Universal Composability framework of Canetti (FOCS'01), which is the preferred model for password-based primitives. We then show that fuzzy aPAKE can be obtained from oblivious transfer and some variant of robust secret sharing (Cramer et al., EC'15). We achieve security against malicious parties while avoiding expensive tools such as non-interactive zero-knowledge proofs. Our construction is round-optimal, with message and password file sizes that are independent of the scheme's error tolerance.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Key Exchange, aPAKE, Fuzziness, Universal Composability
Contact author(s)
siavash riahi @ tu-darmstadt de
History
2020-08-18: received
Short URL
https://ia.cr/2020/987
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/987,
      author = {Andreas Erwig and Julia Hesse and Maximilian Orlt and Siavash Riahi},
      title = {Fuzzy Asymmetric Password-Authenticated Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/987},
      year = {2020},
      url = {https://eprint.iacr.org/2020/987}
}