2014 | OriginalPaper | Chapter
ID-Based Two-Server Password-Authenticated Key Exchange
Authors : Xun Yi, Feng Hao, Elisa Bertino
Published in: Computer Security - ESORICS 2014
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
In two-server password-authenticated key exchange (PAKE) protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the client is required to remain secure. In this paper, we present a compiler that transforms any two-party PAKE protocol to a two-server PAKE protocol. This compiler is mainly built on two-party PAKE and identity-based encryption (IBE), where the identities of the two servers are used as their public keys. By our compiler, we can construct a two-server PAKE protocol which achieves implicit authentication with only two communications between the client and the servers. As long as the underlying two-party PAKE protocol and IBE scheme have provable security without random oracles, the two-server PAKE protocol constructed by our compiler can be proven to be secure without random oracles.