A General Construction for Password-Based Authenticated Key Exchange from Witness PRFs

  • Jiehui NanEmail author
  • Mengce Zheng
  • Zilong Wang
  • Honggang HuEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1105)


In cyber security, authenticated key exchange (AKE) can be used to achieve the privacy and authentication of data. As a relevant cryptographic protocol, password-based authenticated key exchange (PAKE) has been studied for its convenience. Recently, Katz and Vaikuntanathan proposed a round-optimal PAKE from smooth projective hash functions (SPHFs). However, the instantiation of smooth projective hash functions depends on the underlying NP-relation which is a CCA-secure encryption relation in their construction. In this paper, we apply a new cryptographic primitive named witness PRFs to construct PAKE. In our settings, the concrete construction of witness PRFs is independent of the underlying NP-relation. At this point, our construction is more general, and furthermore, we have a discussion on some possible NP-relations, which could be used to construct secure PAKE in our settings.


Authenticated key exchange Witness PRFs CCA-secure labeled encryption OAEP+ 



The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This work was partially supported by the National Natural Science Foundation of China (Grant No. 61632013).


  1. 1.
    Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). Scholar
  2. 2.
    Abdalla, M.: Password-based authenticated key exchange: an overview. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 1–9. Springer, Cham (2014). Scholar
  3. 3.
    Bird, R., et al.: The kryptoknight family of light-weight protocols for authentication and key distribution. IEEE/ACM Trans. Networking 3(1), 31–41 (1995)CrossRefGoogle Scholar
  4. 4.
    Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE S&P, pp. 72–84 (1992)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). Scholar
  6. 6.
    Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: 30th Annual ACM Symposium on Theory of Computing (STOC 1998), pp. 419–428. ACM, Dallas (1998)Google Scholar
  7. 7.
    Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995). Scholar
  8. 8.
    Bellare, M., Canetti, R., Krawczyk, H.: Provably secure session key distribution: the three party case. In: 27th Annual ACM Symposium on Theory of Computing (STOC 1995), pp. 57–66. ACM, Las Vegas (1995)Google Scholar
  9. 9.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). Scholar
  10. 10.
    Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). Scholar
  11. 11.
    Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002). Scholar
  12. 12.
    Ding, J., Alsayigh, S., Lancrenon, J., RV, S., Snook, M.: Provably secure password authenticated key exchange based on RLWE for the post-quantum world. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 183–204. Springer, Cham (2017). Scholar
  13. 13.
    Derler, D., Slamanig, D.: Practical witness encryption for algebraic languages or how to encrypt under Groth-Sahai proofs. Des. Codes Crypt. 86(11), 2525–2547 (2018)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. J. Cryptology 19(3), 241–340 (2006)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. ACM Trans. Inf. Syst. Secur. 9(2), 181–234 (2006)CrossRefGoogle Scholar
  16. 16.
    Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A new randomness extraction paradigm for hybrid encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 590–609. Springer, Heidelberg (2009). Scholar
  17. 17.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient and secure authenticated key exchange using weak passwords. J. ACM 57(1), 1–39 (2009)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Katz, J., Vaikuntanathan, V.: Round-optimal password-based authenticated key exchange. J. Cryptology 26(4), 714–743 (2013)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Shoup, V.: OAEP reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001). Scholar
  20. 20.
    Whitfield, D., Martin, H.: New directions in cryptography. IEEE Trans. Inf. Theory 22(7), 644–654 (1976)MathSciNetzbMATHGoogle Scholar
  21. 21.
    Whitfield, D., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Crypt. 2(2), 107–125 (1992)MathSciNetCrossRefGoogle Scholar
  22. 22.
    Xue, H., Li, B., Lu, X.: IND-PCA secure KEM Is enough for password-based authenticated key exchange (Short Paper). In: Obana, S., Chida, K. (eds.) IWSEC 2017. LNCS, vol. 10418, pp. 231–241. Springer, Cham (2017). Scholar
  23. 23.
    Xue, H., Li, B., He, J.: New framework of password-based authenticated key exchange from only-one lossy encryption. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 188–198. Springer, Cham (2017). Scholar
  24. 24.
    Yao, H., Wang, C.: A novel blockchain-based authenticated key exchange protocol and its applications. In: 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), pp. 609–614. IEEE, Guangzhou (2018)Google Scholar
  25. 25.
    Zhandry, M.: How to avoid obfuscation using witness PRFs. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 421–448. Springer, Heidelberg (2016). Scholar
  26. 26.
    Zhu, L., Guo, C., Zhang, Z., Fu, W., Xu, R.: A Novel Contributory Cross-domain group password-based authenticated key exchange protocol with adaptive security. In: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp. 213–222. IEEE, Shenzhen (2017)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Key Laboratory of Electromagnetic Space Information, Chinese Academy of Sciences, School of Information Science and TechnologyUniversity of Science and Technology of ChinaHefeiChina

Personalised recommendations