Skip to main content
SpringerLink
Log in

More Efficient Password Authenticated Key Exchange Based on RSA

  • Conference paper
Progress in Cryptology - INDOCRYPT 2003 (INDOCRYPT 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2904))

Included in the following conference series:

Abstract

In [17], Zhu, et al. proposed a RSA-based password authenticated key exchange scheme which supports short RSA public exponents. The scheme is the most efficient one among all the RSA-based schemes currently proposed when implemented on low-power asymmetric wireless networks. We observe that its performance can further be improved by proposing two modifications. The first modification shortens the size of the message sent from the server to the client. The second modification dramatically reduces the size of the message sent from the client to the server and therefore can be used to reduce the power consumption of the client for wireless communications in a significant way. We also generalize our modified schemes and formalize the security requirements of all underlying primitives that the generic scheme is constituted. A new primitive called password-keyed permutation family is introduced. We show that the security of our password-keyed permutation family is computationally equivalent to the RSA Problem in the random oracle model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bao, F.: Security analaysis of a password authenticated key exchange protocol. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 208–217. Springer, Heidelberg (2003) (to appear)

    Chapter  Google Scholar 

  2. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: First ACM Conference on Computer and Communications Security, Fairfax, pp. 62–73. ACM, New York (1993)

    Chapter  Google Scholar 

  3. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password based protocols secure against dictionary attacks. In: Proceedings 1992 IEEE Symposium on Research in Security and Privacy, pp. 72–84. IEEE Computer Society, Los Alamitos (1992)

    Chapter  Google Scholar 

  4. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Designs, Codes, and Cryptography 2(2), 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  6. Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, Springer, Heidelberg (2003), also in Cryptology ePring Archive: Report 2003/032

    Chapter  Google Scholar 

  7. Gong, L., Lomas, M.A., Needham, R.M., Saltzer, J.H.: Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications 11(5), 648–656 (1993)

    Article  Google Scholar 

  8. IEEE. P1363.2 / D10: Standard Specifications for Password-based Public Key Cryptographic Techniques (July 2003)

    Google Scholar 

  9. Jablon, D.P.: Strong password-only authenticated key exchange. ACM Computer Communication Review 26(5), 5–26 (1996)

    Article  Google Scholar 

  10. Jablon, D.P.: Extended password key exchange protocols immune to dictionary attack. In: Proceedings of the WETICE 1997 Workshop on Enterprise Security, Cambridge, MA, USA (June 1997)

    Google Scholar 

  11. Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 475. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Lucks, S.: Open key exchange: How to defeat dictionary attacks without encrypting public keys. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 79–90. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  13. MacKenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 599–613. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  14. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978)

    Article  MATH  MathSciNet  Google Scholar 

  15. Wong, D.S., Fuentes, H.H., Chan, A.H.: The performance measurement of cryptographic primitives on palm devices. In: Proc. of the 17th Annual Computer Security Applications Conference (December 2001)

    Google Scholar 

  16. Wu, T.: The secure remote password protocol. In: 1998 Internet Society Symposium on Network and Distributed System Security, pp. 97–111 (1998)

    Google Scholar 

  17. Zhu, F., Wong, D.S., Chan, A.H., Ye, R.: Password authenticated key exchange based on RSA for imbalanced wireless networks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 150–161. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, City University of Hong Kong, Hong Kong, China

    Duncan S. Wong

  2. College of Computer Science, Northeastern University, Boston, MA, 02115, U.S.A.

    Agnes H. Chan & Feng Zhu

Authors
  1. Duncan S. Wong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Agnes H. Chan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Feng Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Electrical and Information Technology, Lund University, P.O. Box 118, 221 00, Lund, Sweden

    Thomas Johansson

  2. Indian Statistical Institute, 203 B T Road, 700 108, Kolkata, India

    Subhamoy Maitra

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wong, D.S., Chan, A.H., Zhu, F. (2003). More Efficient Password Authenticated Key Exchange Based on RSA. In: Johansson, T., Maitra, S. (eds) Progress in Cryptology - INDOCRYPT 2003. INDOCRYPT 2003. Lecture Notes in Computer Science, vol 2904. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24582-7_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24582-7_28

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20609-5

  • Online ISBN: 978-3-540-24582-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation