Elliptic Curve Based Password Authenticated Key Exchange Protocols

  • Colin Boyd
  • Paul Montague
  • Khanh Nguyen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2119)


We investigate password authenticated key exchange (PAKE) protocols in low resource environments, such as smartcards or mobile devices. In such environments, particularly in the future, it may be that the cryptosystems available for signatures and/or encryptions will be based on elliptic curves, because of their well-known advantages with regard to processing and size constraints. As a result, any PAKE protocols which the device requires should also preferably be implemented over elliptic curves. We show that the direct elliptic curve (EC) analogs of some PAKE protocols are insecure against partition attacks. We go on to propose a new EC based PAKE protocol. A modified version of the protocol for highly constrained devices, such as smartcards, is also presented.


Elliptic Curve Elliptic Curf Discrete Logarithm Quadratic Residue Dictionary Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In Advances in Cryptology-Eurocrypt’2000, pages 139–155. LNCS vol. 1807, Springer-Verlag, 2000.CrossRefGoogle Scholar
  2. [2]
    Mihir Bellare and Phillip Rogaway. The AuthA protocol for password-based authenticated key exchange. In Submission to IEEE P1363 study group, 2000.Google Scholar
  3. [3]
    S. Bellovin and M. Merritt. Encrypted key exchange: Password based protocol secure against dictionary attackes. In Proceedings of the Symposium on Security and Privacy, pages 72–84. IEEE, 1992.Google Scholar
  4. [4]
    V. Boyko, P. MacKenzie, and S. Patel. Provably secure password-authenticated key exchange. In Advances in Cryptology-Eurocrypt’2000, pages 156–171. LNCS vol. 1807, Springer-Verlag, 2000.CrossRefGoogle Scholar
  5. [5]
    D. Jablon. Strong password-only authenticated key exchange. ACM Computer Communication Review, 26(5):5–20, 1996.CrossRefGoogle Scholar
  6. [6]
    S. Patel. Number theoretic attacks on secure password schemes. In Proceedings of the Symposium on Security and Privacy, pages 236–247. IEEE, 1997.Google Scholar
  7. [7]
    S. Patel. Information Leakege in Encrypted Key Exchange. In Proceedings of the DIMACS Workshop on Network Threats, 1997.Google Scholar
  8. [8]
    V. Miller. Use of elliptic curves in cryptography. In Advances in Cryptology-Crypto 85, pages 417–426. LNCS vol. 218, Springer-Verlag, 1986.Google Scholar
  9. [9]
    N. Koblitz. Elliptic curve cryptosystems. Math. Comp., 48:203–209, 1987.zbMATHCrossRefMathSciNetGoogle Scholar
  10. [10]
    Wireless Application Protocol-Wireless Transport Layer Security Specification, Wireless Application Forum Ltd, 2000.Google Scholar
  11. [11]
    IEEE P1363 Study Group for Future Public-Key Cryptography Standards.
  12. [12]
    Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). American National Standard for Financial Services, X9.62, 1998.Google Scholar
  13. [13]
    I.F. Blake, G. Seroussi and N.P. Smart. Elliptic Curves in Cryptography. LMS Lecture Note Series 265, CUP, 1999.Google Scholar
  14. [14]
    J.H. Silverman. The Arithmetic of Elliptic Curves. Springer-Verlag, GTM 106, 1986.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Colin Boyd
    • 1
  • Paul Montague
    • 2
  • Khanh Nguyen
    • 2
  1. 1.Information Security Research CentreQueensland University of TechnologyBrisbaneAustralia
  2. 2.Motorola Australia Software CentreAustralia

Personalised recommendations