Cryptology ePrint Archive: Report 2020/987

Fuzzy Asymmetric Password-Authenticated Key Exchange

Andreas Erwig and Julia Hesse and Maximilian Orlt and Siavash Riahi

Abstract: Password-Authenticated Key Exchange (PAKE) lets users with passwords exchange a cryptographic key. There have been two variants of PAKE which make it more applicable to real-world scenarios:

- Asymmetric PAKE (aPAKE), which aims at protecting a client's password even if the authentication server is untrusted, and

- Fuzzy PAKE (fPAKE), which enables key agreement even if passwords of users are noisy, but ``close enough''.

Supporting fuzzy password matches eases the use of higher entropy passwords and enables using biometrics and environmental readings (both of which are naturally noisy).

Until now, both variants of PAKE have been considered only in separation. In this paper, we consider both of them simultaneously. We introduce the notion of Fuzzy Asymmetric PAKE (fuzzy aPAKE), which protects against untrusted servers and supports noisy passwords. We formulate our new notion in the Universal Composability framework of Canetti (FOCS'01), which is the preferred model for password-based primitives. We then show that fuzzy aPAKE can be obtained from oblivious transfer and some variant of robust secret sharing (Cramer et al, EC'15). We achieve security against malicious parties while avoiding expensive tools such as non-interactive zero-knowledge proofs. Our construction is round-optimal, with message and password file sizes that are independent of the schemes error tolerance.

Category / Keywords: cryptographic protocols / Key Exchange, aPAKE, Fuzziness, Universal Composability

Date: received 15 Aug 2020, last revised 15 Aug 2020

Contact author: siavash riahi at tu-darmstadt de

Available format(s): PDF | BibTeX Citation

Version: 20200818:083755 (All versions of this report)

Short URL: ia.cr/2020/987


[ Cryptology ePrint archive ]