One-Round Protocol for Two-Party Verifier-Based Password-Authenticated Key Exchange

  • Jeong Ok Kwon
  • Kouichi Sakurai
  • Dong Hoon Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4237)


Password-authenticated key exchange (PAKE) for two-party allows a client and a server communicating over a public network to share a session key using a human-memorable password only. PAKE protocols can be served as basic building blocks for constructing secure, complex, and higher-level protocols which were initially built upon the Transport Layer Security (TLS) protocol. In this paper, we propose a provably-secure verifier-based PAKE protocol well suited with the TLS protocol which requires only a single round. The protocol is secure against attacks using compromised server’s password file and known-key attacks, and provides forward secrecy, which is analyzed in the ideal hash model. This scheme matches the most efficient verifier-based PAKE protocol among those found in the literature. It is the first provably-secure one-round protocol for verifier-based PAKE in the two-party setting.


Forward Secrecy Transport Layer Security Dictionary Attack PAKE Protocol Corrupt Query 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Abdalla, M., Bresson, E., Chevassut, O., Essiari, A., Möller, B., Pointcheval, D.: Provably Secure Password-Based Authentication in TLS. In: Proc. of ASIACCS 2006, pp. 35–45. ACM Press, New York (2006)Google Scholar
  2. 2.
    Abdalla, M., Chevassut, O., Pointcheval, D.: One-Time Verifier-Based Encrypted Key Exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47–64. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Bellovin, S., Merritt, M.: Encrypted Key Exchange: Password-Based Protocols Secure against Dictionary Attacks. In: Proc. of the Symposium on Security and Privacy, pp. 72–84. IEEE Computer Society, Los Alamitos (1992)Google Scholar
  5. 5.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Bresson, E., Chevassut, O., Pointcheval, D.: Security Proofs for an Efficient Password-Based Key Exchange. In: Proc. of the 10th ACM Conference on Computer and Communications Security, pp. 241–250. ACM Press, New York (2003)CrossRefGoogle Scholar
  7. 7.
    Bresson, E., Chevassut, O., Pointcheval, D.: New Security Results on Encrypted Key Exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Bellovin, S., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password-file compromise. In: ACM Conference on Computer and Communications Security, pp. 244–250 (1993)Google Scholar
  9. 9.
    Boyko, V., MacKenzie, P.D., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  10. 10.
    Denning, D., Sacco, G.M.: Timestamps in Key Distribution Protocols. Communications of the ACM 24(8), 533–536 (1981)CrossRefGoogle Scholar
  11. 11.
    Gentry, C., MacKenzie, P., Ramzan, Z.: PAK-Z+, Contributions to IEEE P1363 (August 2005), available from:
  12. 12.
    Goldreich, O., Lindell, Y.: Session-Key Generation Using Human Passwords Only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Hwang, Y.H., Yum, D.H., Lee, P.J.: EPA: An Efficient Password-Based Protocol for Authenticated Key Exchange. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 452–463. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Jablon, D.: Extended password key exchange protocols immune to dictionary attack. In: Proc. of WETICE 1997 Workshop on Enterprise Security (1997)Google Scholar
  15. 15.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Katz, J., Ostrovsky, R., Yung, M.: Forward Secrecy in Password-Only Key Exchange Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 29–44. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Kwon, T.: Ultimate Solution to Authentication via Memorable Password, Contributions to IEEE p. 1363 (May 2000), available from:
  18. 18.
    Kwon, J.O., Sakurai, K., Lee, D.H.: Full version of this paper, available at:
  19. 19.
    Kwon, T., Song, J.: Secure agreement scheme for gxy via password authentication. Electronics Letters 35(11), 892–893 (1999)CrossRefGoogle Scholar
  20. 20.
    MacKenzie, P.D.: More Efficient Password-Authenticated Key Exchange. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 361–377. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    MacKenzie, P., Swaminathan, R.: Secure network authentication with password identification, Presented to IEEE P1363a (August 1999)Google Scholar
  22. 22.
    Steiner, M., Buhler, P., Eirich, T., Waidner, M.: Secure Password-Based Cipher Suite for TLS. ACM Transactions on Information and System Security (TISSEC) 4(2), 134–157 (2001)CrossRefGoogle Scholar
  23. 23.
    Wu, T.: Secure remote password protocol. In: Proc. of the ISOC NDSS Symposium, pp. 99–111 (1998)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2006

Authors and Affiliations

  • Jeong Ok Kwon
    • 1
  • Kouichi Sakurai
    • 2
  • Dong Hoon Lee
    • 1
  1. 1.Graduate School of Information Security CISTKorea UniversitySeoulKorea
  2. 2.Department of Computer Science and Communication EngineeringKyushu UniversityFukuokaJapan

Personalised recommendations