Published in: Journal of Cryptology 4/2013

01.10.2013

Round-Optimal Password-Based Authenticated Key Exchange

Authors: Jonathan Katz, Vinod Vaikuntanathan


Abstract

We show a general framework for constructing password-based authenticated key-exchange protocols with optimal round complexity—one message per party, sent simultaneously—in the standard model, assuming the existence of a common reference string. When our framework is instantiated using bilinear-map-based cryptosystems, the resulting protocol is also (reasonably) efficient. Somewhat surprisingly, our framework can be adapted to give protocols in the standard model that are universally composable while still using only one (simultaneous) round.

Footnotes
1
Although the usual presentation of PAKE assumes a uniform password, known protocols work with passwords chosen from any (efficiently sampleable) distribution.
2
Reliance on a CRS is not a serious drawback in the context of PAKE where the CRS can be hard-coded into an implementation of the protocol. Note also that reliance on a CRS (or some other setup) is inherent for achieving universally composable PAKE [16].
3
Our calculations here are based on the decisional linear assumption (the 2-linear assumption in the terminology of Ref. [13]). If we are willing to use the 1-linear assumption, the efficiency of our proofs can be improved.
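The two assumptions named in footnote 3, stated for reference as an added note (this is not part of the paper's text; it follows the standard formulation of the $k$-linear family, of which the $k=2$ case is the decisional linear assumption of Ref. [10]):

In a group $G$ of prime order $p$ with generators $g_1, \dots, g_{k+1}$, the $k$-linear assumption says that for $r_1, \dots, r_k, s \leftarrow \mathbb{Z}_p$ chosen uniformly, the distributions
$$
\bigl(g_1, \dots, g_{k+1},\; g_1^{r_1}, \dots, g_k^{r_k},\; g_{k+1}^{\,r_1 + \cdots + r_k}\bigr)
\quad\text{and}\quad
\bigl(g_1, \dots, g_{k+1},\; g_1^{r_1}, \dots, g_k^{r_k},\; g_{k+1}^{\,s}\bigr)
$$
are computationally indistinguishable. For $k=1$ this is exactly DDH, distinguishing $(g_1, g_2, g_1^{r}, g_2^{r})$ from $(g_1, g_2, g_1^{r}, g_2^{s})$, which cannot hold in a group with a symmetric pairing $e$ because $e(g_1, g_2^{r}) = e(g_1^{r}, g_2)$ decides it. For $k=2$ (DLIN) the pairing gives no such test, which is why the more efficient 1-linear instantiation mentioned in the footnote is only available in settings where DDH is plausible, such as asymmetric bilinear groups.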
References
[1] M. Abdalla, D. Catalano, C. Chevalier, D. Pointcheval, Efficient two-party password-based key exchange protocols in the UC framework, in Cryptographers’ Track—RSA 2008. LNCS, vol. 4964 (Springer, Berlin, 2008), pp. 335–351
[2] B. Barak, R. Canetti, Y. Lindell, R. Pass, T. Rabin, Secure computation without authentication. J. Cryptol. 24(4), 720–760 (2011)
[3] M. Bellare, D. Pointcheval, P. Rogaway, Authenticated key exchange secure against dictionary attacks, in Advances in Cryptology—Eurocrypt 2000. LNCS, vol. 1807 (Springer, Berlin, 2000), pp. 139–155
[4] M. Bellare, P. Rogaway, Entity authentication and key distribution, in Advances in Cryptology—Crypto’93. LNCS, vol. 773 (Springer, Berlin, 1994), pp. 232–249
[5] M. Bellare, P. Rogaway, Provably secure session key distribution: The three party case, in 27th Annual ACM Symposium on Theory of Computing (STOC) (ACM, New York, 1995), pp. 57–66
[6] S.M. Bellovin, M. Merritt, Encrypted key exchange: Password-based protocols secure against dictionary attacks, in IEEE Symposium on Security & Privacy (IEEE Press, New York, 1992), pp. 72–84
[7] R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, M. Yung, Systematic design of two-party authentication protocols. IEEE J. Sel. Areas Commun. 11(5), 679–693 (1993)
[8] M. Blum, A. De Santis, S. Micali, G. Persiano, Noninteractive zero-knowledge. SIAM J. Comput. 20(6), 1084–1118 (1991)
[9] M. Blum, P. Feldman, S. Micali, Proving security against chosen cyphertext attacks, in Advances in Cryptology—Crypto’88. LNCS, vol. 403 (Springer, Berlin, 1990), pp. 256–268
[10] D. Boneh, X. Boyen, H. Shacham, Short group signatures, in Advances in Cryptology—Crypto 2004. LNCS, vol. 3152 (Springer, Berlin, 2004), pp. 41–55
[11] X. Boyen, Y. Dodis, J. Katz, R. Ostrovsky, A. Smith, Secure remote authentication using biometric data, in Advances in Cryptology—Eurocrypt 2005. LNCS, vol. 3494 (Springer, Berlin, 2005), pp. 147–163
[12] V. Boyko, P.D. MacKenzie, S. Patel, Provably secure password-authenticated key exchange using Diffie–Hellman, in Advances in Cryptology—Eurocrypt 2000. LNCS, vol. 1807 (Springer, Berlin, 2000), pp. 156–171
[13] J. Camenisch, N. Chandran, V. Shoup, A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks, in Advances in Cryptology—Eurocrypt 2009, ed. by A. Joux. LNCS, vol. 5479 (Springer, Berlin, 2009), pp. 351–368
[14] R. Canetti, Universally composable security: A new paradigm for cryptographic protocols, in 42nd Annual Symposium on Foundations of Computer Science (FOCS) (IEEE Press, New York, 2001), pp. 136–145. Full version at http://eprint.iacr.org/2000/067/
[15] R. Canetti, D. Dachman-Soled, V. Vaikuntanathan, H. Wee, Efficient password authenticated key exchange via oblivious transfer, in Public-Key Cryptography—PKC 2012. LNCS, vol. 7293 (Springer, Berlin, 2012), pp. 449–466
[16] R. Canetti, S. Halevi, J. Katz, Y. Lindell, P.D. MacKenzie, Universally composable password-based key exchange, in Advances in Cryptology—Eurocrypt 2005. LNCS, vol. 3494 (Springer, Berlin, 2005), pp. 404–421
[17] R. Cramer, V. Shoup, Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in Advances in Cryptology—Eurocrypt 2002. LNCS, vol. 2332 (Springer, Berlin, 2002), pp. 45–64
[18] A. De Santis, G. Di Crescenzo, R. Ostrovsky, G. Persiano, A. Sahai, Robust non-interactive zero knowledge, in Advances in Cryptology—Crypto 2001. LNCS, vol. 2139 (Springer, Berlin, 2001), pp. 566–598
[20] U. Feige, D. Lapidot, A. Shamir, Multiple non-interactive zero knowledge proofs under general assumptions. SIAM J. Comput. 29(1), 1–28 (1999)
[21] R. Gennaro, Faster and shorter password-authenticated key exchange, in 5th Theory of Cryptography Conference—TCC 2008. LNCS, vol. 4948 (Springer, Berlin, 2008), pp. 589–606
[22] R. Gennaro, Y. Lindell, A framework for password-based authenticated key exchange. ACM Trans. Inf. Syst. Secur. 9(2), 181–234 (2006)
[23]
[24] L. Gong, T.M.A. Lomas, R.M. Needham, J.H. Saltzer, Protecting poorly chosen secrets from guessing attacks. IEEE J. Sel. Areas Commun. 11(5), 648–656 (1993)
[25] V. Goyal, Positive results for concurrently secure computation in the plain model, in 53rd Annual Symposium on Foundations of Computer Science (FOCS) (IEEE Press, New York, 2012)
[26] V. Goyal, A. Jain, R. Ostrovsky, Password-authenticated session-key generation on the Internet in the plain model, in Advances in Cryptology—Crypto 2010. LNCS, vol. 6223 (Springer, Berlin, 2010), pp. 277–294
[27] A. Groce, J. Katz, A new framework for efficient password-based authenticated key exchange, in 17th ACM Conf. on Computer and Communications Security (CCS) (ACM, New York, 2010), pp. 516–525
[28] J. Groth, A. Sahai, Efficient non-interactive proof systems for bilinear groups, in Advances in Cryptology—Eurocrypt 2008. LNCS, vol. 4965 (Springer, Berlin, 2008), pp. 415–432
[29] S. Halevi, H. Krawczyk, Public-key cryptography and password protocols. ACM Trans. Inf. Syst. Secur. 2(3), 230–268 (1999)
[30] D. Hofheinz, E. Kiltz, Secure hybrid encryption from weakened key encapsulation, in Advances in Cryptology—Crypto 2007. LNCS, vol. 4622 (Springer, Berlin, 2007), pp. 553–571
[31] I.R. Jeong, J. Katz, D.H. Lee, One-round protocols for two-party authenticated key exchange, in 2nd Intl. Conference on Applied Cryptography and Network Security (ACNS). LNCS, vol. 3089 (Springer, Berlin, 2004), pp. 220–232
[32] S. Jiang, G. Gong, Password based key exchange with mutual authentication, in 11th Annual International Workshop on Selected Areas in Cryptography (SAC). LNCS, vol. 3357 (Springer, Berlin, 2004), pp. 267–279
[33] J. Katz, P.D. MacKenzie, G. Taban, V.D. Gligor, Two-server password-only authenticated key exchange. J. Comput. Syst. Sci. Int. 78(2), 651–669 (2012)
[34] J. Katz, R. Ostrovsky, M. Yung, Efficient and secure authenticated key exchange using weak passwords. J. ACM 57(1), 78–116 (2009)
[35] J. Katz, V. Vaikuntanathan, Smooth projective hashing and password-based authenticated key exchange from lattices, in Advances in Cryptology—Asiacrypt 2009. LNCS, vol. 5912 (Springer, Berlin, 2009), pp. 636–652
[36] P.D. MacKenzie, S. Patel, R. Swaminathan, Password-authenticated key exchange based on RSA, in Advances in Cryptology—Asiacrypt 2000. LNCS, vol. 1976 (Springer, Berlin, 2000), pp. 599–613
[37] M. Naor, M. Yung, Public-key cryptosystems provably secure against chosen ciphertext attacks, in 22nd Annual ACM Symposium on Theory of Computing (STOC) (ACM, New York, 1990), pp. 427–437
[38]
[39] T. Okamoto, Authenticated key exchange and key encapsulation in the standard model, in Advances in Cryptology—Asiacrypt 2007. LNCS, vol. 4833 (Springer, Berlin, 2007), pp. 474–484
[40] A. Sahai, Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security, in 40th Annual Symposium on Foundations of Computer Science (FOCS) (IEEE Press, New York, 1999), pp. 543–553
[41] H. Shacham, A Cramer-Shoup encryption scheme from the linear assumption and from progressively weaker linear variants. Cryptology ePrint archive, report 2007/074
Metadata
Title
Round-Optimal Password-Based Authenticated Key Exchange
Authors
Jonathan Katz
Vinod Vaikuntanathan
Publication date
01.10.2013
Publisher
Springer US
Published in
Journal of Cryptology / Issue 4/2013
Print ISSN: 0933-2790
Electronic ISSN: 1432-1378
DOI
https://doi.org/10.1007/s00145-012-9133-6