Self-Certified Approach for Authenticated Key Agreement

  • Tzong-Chen Wu
  • Yen-Ching Lin


Password-only authenticated key agreement (PAKA for short) protocols allow communicating parties to mutually authenticate each other and share an authenticated secret key using only easy-to-remember passwords. In this paper, we present a point-to-point PAKA protocol (2-PAKA for short) based on a self-certified approach. The proposed 2-PAKA can be easily generalized to a point-to-multipoint PAKA (n-PAKA for short) that allows n communicating parties to achieve mutual authentication and key agreement. The proposed PAKA protocols achieve the properties of perfect forward secrecy and known-key security. Communication messages produced by the proposed PAKA protocols are self-certified, and therefore no trusted servers or public key certificates are required during the key agreement phase. We also discuss several potential attacks on the proposed PAKA protocols, including on-line and off-line password guessing, password-compromised impersonation, and unknown key-share.







Copyright information

© Springer Science+Business Media, Inc. 2005

Authors and Affiliations

  • Tzong-Chen Wu (1)
  • Yen-Ching Lin (1)

  1. Department of Information Management, National Taiwan University of Science and Technology, Taipei, Taiwan
