Abstract
We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N–1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients’ distinct passwords have been suggested.
In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.
Keywords
This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment).
Download to read the full chapter text
Chapter PDF
References
Abdalla, M., Bellare, M., Rogaway, P.: The oracle diffie-hellman assumptions and an analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)
Abdalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)
Beraldi, R., Baldoni, R.: Unicast routing techniques for mobile ad hoc networks. CRC Press, Inc., Boca Raton (2003), ISBN:0-8493-1322-5
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the First ACM Conference on Computer and Communications Security. ACM, New York (1995)
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Bellovin, S., Merrit, M.: Encrypted key exchange: password based protocols secure against dictionary attacks. In: Proceedings of the Symposium on Security and Privacy, pp. 72–84. IEEE, Los Alamitos (1992)
Blake-Wilson, S., Jhonson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 30–45. Springer, Heidelberg (1998)
Basile, C., Killijian, M.-O., Powell, D.: A survey of dependability issues in mobile wireless networks., Technical Report, LAAS CNRS Toulouse, France (February 2003), http://www.crhc.uiuc.edu/~basilecl/papers/mobile.ps
Boyd, C., Mathuria, A.: Key establishment protocols for secure mobile communications: A selective survey. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 344–355. Springer, Heidelberg (1998)
Bresson, E., Chevassut, O., Pointcheval, D.: Group diffie-hellman key exchange secure against dictionary attacks. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 497–514. Springer, Heidelberg (2002)
Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group diffie-hellman key exchange. In: Proceedings of 8th ACM Conference on Computer and Communications Security, pp. 255–264 (2001)
Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group diffie-hellman key exchange in the dynamic case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)
Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic group diffie-hellman key exchange under standard assumptions. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 321–336. Springer, Heidelberg (2002)
Bresson, E., Chevassut, O., Pointcheval, D.: The group diffie-hellman problems. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 325–338. Springer, Heidelberg (2003)
Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002)
Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)
Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)
Byun, J., Jeong, I., Lee, D., Park, C.: Password-authenticated key exchange between clients with different passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)
Chen, L.: A Weakness of the Password-Authenticated Key Agreement between Clients with Different Passwords Scheme, ISO/IEC JTC 1/SC27 N3716
Cordeiro, C., Agrawal, D.: Mobile ad hoc networking. In: Tutorial/Short Course in 20 th Brazilian Symposium on Computer Networks, pp. 125–186 (May 2002)
Denning, D., Sacco, G.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)
Ding, Y., Horster, P.: Undetectable on-line password guessing attacks. ACM Operating Systems Review 29(4), 77–86 (1995)
Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001)
Halevi, S., Krawczyk, H.: Public-key cryptography and password protcols. In: Proceedings ACM Conference on Computer and Communications Security, pp. 63–72. ACM Press, New York (1999)
IEEE P802.11i/D10.0, Wireless medium access control (MAC) and physical layer (PHY) specifications: medium access control (MAC) security enhancements (April 2004)
Jablon, D.: Strong password-only authenticated key exchange. Computer Communication Review 26(5), 5–26 (1996)
Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)
Kashyap, H.: Nishar, and P. Agarwal, Survey on unicast routing in mobile ad hoc networks (2001), This paper is available at http://www.cs.unibo.it/people/faculty/bononi/Sim2003/Papers/surveyrouting..pdf
Kim, J., Kim, S., Kwak, J., Won, D.: Cryptanalysis and Improvements of Password Authenticated Key Exchange Scheme between Clients with Different Passwords. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3044, pp. 895–902. Springer, Heidelberg (2004)
Kuosmanen, P.: Classification of ad hoc routing protocols (2003), Available at http://eia.udg.es/~lilianac/docs/classification-of-ad-hoc.pdf
Lin, C., Sun, H., Hwang, T.: Three-party encrypted key exchange: attacks and a solution. ACM Operating Systems Review 34(4), 12–20 (2000)
Lin, C., Sun, H., Steiner, M., Hwang, T.: Three-party Encrypted Key Exchange Without Server Public-Keys. IEEE Communications Letters 5(12), 497–499 (2001)
Lucks, S.: Open key exchange: how to defeat dictionary attacks without encryting public keys. In: Proceedings of the security protocol workshop 1997, pp. 79–90 (1997)
Steiner, M., Tsudik, G., Waider, M.: Refinement and extension of encrypted key exchange. ACM Operation Sys. Review 29(3), 22–30 (1995)
Steiner, M., Tsudik, G.: Diffie-hellman key distribution extended to groups. In: Proceedings of ACM CCS 1996. ACM Press, New York (1996)
Shoup, V.: OAEP reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001)
Tzeng, W.: A secure fault-tolerant conference-key agreement protocol. IEEE Transaction on Computers 51(4) (2002)
Varadharajan, V., Mu, Y.: On the design of security protocols for mobile communications. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 134–145. Springer, Heidelberg (1996)
Wang, S., Wang, J., Xu, M.: Weakness of a Password-authenticated Key Exchange Protocol Between Clients with Different Passwords. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 414–425. Springer, Heidelberg (2004)
Wu, T.: Secure remote password protocol. In: Proceedings of the Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Byun, J.W., Lee, D.H. (2005). N-Party Encrypted Diffie-Hellman Key Exchange Using Different Passwords. In: Ioannidis, J., Keromytis, A., Yung, M. (eds) Applied Cryptography and Network Security. ACNS 2005. Lecture Notes in Computer Science, vol 3531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11496137_6
Download citation
DOI: https://doi.org/10.1007/11496137_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26223-7
Online ISBN: 978-3-540-31542-1
eBook Packages: Computer ScienceComputer Science (R0)