Skip to main content
SpringerLink
Log in

Efficient Password-Based Authenticated Key Exchange Protocol in the UC Framework

  • Conference paper
Book cover Information Security and Cryptology (Inscrypt 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6151))

Included in the following conference series:

  • 878 Accesses

Abstract

In this paper, we propose a new password-based authenticated key exchange (PAKE) protocol and prove its security within the universal composability (UC) framework. The security proof of this protocol is based on standard number-theoretic assumptions, i.e., without random oracle or ideal cipher assumption. Comparisons show that, our protocol is more efficient than Canetti et al.’s protocol, which is the most efficient two party PAKE protocol proven secure in the UC framework and based on standard number-theoretic assumptions. More specifically, our protocol saves 1 round of communication and 5 modular exponentiations when the underlying cryptosystem is instantiated with Cramer-Shoup public key cryptosystem. Moreover, our protocol avoids the usage of the one-time signature, which saves the bandwidth for transmitting the message and saves the computation for signature and verification.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdalla, M., Catalano, D., Chevalier, C., Pointcheval, D.: Efficient two-party password-based key exchange protocols in the UC framework. In: Malkin, T.G. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 335–351. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Abadalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Bresson, E., Chevassut, O., Pointcheval, D.: Security proofs for an efficient password-based key exchange. In: Proc. of the 10th ACM Conference on Computer and Communications Security, pp. 241–250 (2003)

    Google Scholar 

  6. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proc. of 42nd IEEE Symposium on Foundations of Computer Science, pp. 136–145 (2001)

    Google Scholar 

  7. Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Canetti, R., Rabin, T.: Universal composition with joint state. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 265–281. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Carter, J.L., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences (18), 143–154 (1979)

    Article  MATH  MathSciNet  Google Scholar 

  10. Cramer, R., Shoup, V.: A practical public-key cryptosystem secure against adaptive chosen ciphertexts attacks. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)

    Google Scholar 

  11. Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. SIAM Journal of Computing 30(2), 391–437 (1999)

    Article  MathSciNet  Google Scholar 

  13. Even, S., Goldreich, O., Micali, S.: On-line/off-line digital signature. Journal of Gryptography (9), 35–67 (1996)

    MATH  MathSciNet  Google Scholar 

  14. Garay, J., MacKenzie, P., Yang, K.: Strengthening zero-knowledge protocols using signatures. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 177–194. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Gennaro, R.: Faster and shorter password-authenticated key exchange. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 589–606. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524–543. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Hastad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364–1396 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  18. Jiang, S., Gong, G.: Password based key exchange with mutual authentication. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 267–279. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. Katz, J., Ostrovsky, R., Yung, M.: Efficient password based authenticated key exchange using human memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Zhengzhou Information Science and Technology Institute, Zhengzhou, 450002, P. R. China

    Xuexian Hu & Wenfen Liu

Authors
  1. Xuexian Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wenfen Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Infocomm Research, Singapore

    Feng Bao

  2. Google Inc. and Computer Science Department, Columbia University, Room 464, S.W. Mudd Building, 10027, New York, NY, USA

    Moti Yung

  3. Institute of Software, SKLOIS, Chinese Academy of Sciences, 100190, Beijing, China

    Dongdai Lin

  4. SKLOIS, Graduate University of Chinese Academy of Sciences, 19A Yuquan Road, 100049, Beijing, China

    Jiwu Jing

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hu, X., Liu, W. (2010). Efficient Password-Based Authenticated Key Exchange Protocol in the UC Framework. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds) Information Security and Cryptology. Inscrypt 2009. Lecture Notes in Computer Science, vol 6151. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16342-5_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16342-5_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16341-8

  • Online ISBN: 978-3-642-16342-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation