eprint.iacr.org will be offline for approximately an hour for routine maintenance again at 10pm UTC on Wednesday, April 17.

Paper 2023/768

Owl: An Augmented Password-Authenticated Key Exchange Scheme

Feng Hao, University of Warwick
Samiran Bag, University of Warwick
Liqun Chen, University of Surrey
Paul C. van Oorschot, Carleton University
Abstract

We present Owl, an augmented password-authenticated key exchange (PAKE) protocol that is both efficient and supported by security proofs. Owl is motivated by recognized limitations in SRP-6a and OPAQUE. SRP-6a is the only augmented PAKE that has enjoyed wide use in practice to date, but it lacks the support of formal security proofs, and does not support elliptic curve settings. OPAQUE was proposed in 2018 as a provably secure and efficient alternative to SRP-6a, and was chosen by the IETF in 2020 for standardization, but open issues leave it unclear whether OPAQUE will replace SRP-6a in practice. Owl is obtained by efficiently adapting J-PAKE to an asymmetric setting, providing additional security against server compromise yet with lower computation than J-PAKE. Owl is provably secure, efficient and agile in supporting implementations in diverse multiplicative groups and elliptic curve settings. To the best of our knowledge, Owl is the first augmented PAKE solution that provides systematic advantages over SRP-6a in terms of security, computation, message sizes, and agility.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. FC 2024
Keywords
Key agreementpassword authenticated key exchangePAKEaugmented PAKE
Contact author(s)
feng hao @ warwick ac uk
samiran bag @ gmail com
liqun chen @ surrey ac uk
paulv @ scs carleton ca
History
2023-12-19: last of 2 revisions
2023-05-26: received
See all versions
Short URL
https://ia.cr/2023/768
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/768,
      author = {Feng Hao and Samiran Bag and Liqun Chen and Paul C. van Oorschot},
      title = {Owl: An Augmented Password-Authenticated Key Exchange Scheme},
      howpublished = {Cryptology ePrint Archive, Paper 2023/768},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/768}},
      url = {https://eprint.iacr.org/2023/768}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.