Abstract
Let us consider the following situation: (1) a client, who communicates with a variety of servers, remembers only one password and has insecure devices with very restricted computing power and built-in memory capacity; (2) the counterpart servers have enormous computing power, but they are not perfectly secure; (3) neither PKI (Public Key Infrastructures) nor TRM (Tamper-Resistant Modules) is available.
The main goal of this paper is to provide security against the leakage of stored secrets while attaining high efficiency on the client's side. To that end, we propose an efficient and leakage-resilient RSA-based Authenticated Key Establishment (RSA-AKE) protocol suitable for the above situation, whose authenticity is based on a password and an additional stored secret. The RSA-AKE protocol is provably secure in the random oracle model even when the adversary is given the client's stored secret and the server's RSA private key. In terms of computation cost, the client is required to compute only one modular exponentiation with exponent e (e ≥ 3) during the protocol execution. We also show that the RSA-AKE protocol offers several security properties and better efficiency than previous protocols of its kind.
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Shin, S., Kobara, K., Imai, H. (2005). Efficient and Leakage-Resilient Authenticated Key Transport Protocol Based on RSA. In: Ioannidis, J., Keromytis, A., Yung, M. (eds) Applied Cryptography and Network Security. ACNS 2005. Lecture Notes in Computer Science, vol 3531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11496137_19
DOI: https://doi.org/10.1007/11496137_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26223-7
Online ISBN: 978-3-540-31542-1