Paper 2023/768
Owl: An Augmented Password-Authenticated Key Exchange Scheme
, University of WarwickAbstract
We present Owl, an augmented password-authenticated key exchange (PAKE) protocol that is both efficient and supported by security proofs. Owl is motivated by recognized limitations in SRP-6a and OPAQUE. SRP-6a is the only augmented PAKE that has enjoyed wide use in practice to date, but it lacks the support of formal security proofs, and does not support elliptic curve settings. OPAQUE was proposed in 2018 as a provably secure and efficient alternative to SRP-6a, and was chosen by the IETF in 2020 for standardization, but open issues leave it unclear whether OPAQUE will replace SRP-6a in practice. Owl is obtained by efficiently adapting J-PAKE to an asymmetric setting, providing additional security against server compromise yet with lower computation than J-PAKE. Owl is provably secure, efficient and agile in supporting implementations in diverse multiplicative groups and elliptic curve settings. To the best of our knowledge, Owl is the first augmented PAKE solution that provides systematic advantages over SRP-6a in terms of security, computation, message sizes, and agility.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. FC 2024
- Keywords
- Key agreementpassword authenticated key exchangePAKEaugmented PAKE
- Contact author(s)
-
feng hao @ warwick ac uk
samiran bag @ gmail com
liqun chen @ surrey ac uk
paulv @ scs carleton ca - History
- 2023-12-19: last of 2 revisions
- 2023-05-26: received
- See all versions
- Short URL
- https://ia.cr/2023/768
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/768,
author = {Feng Hao and Samiran Bag and Liqun Chen and Paul C. van Oorschot},
title = {Owl: An Augmented Password-Authenticated Key Exchange Scheme},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/768},
year = {2023},
url = {https://eprint.iacr.org/2023/768}
}
