Abstract
A gateway-oriented password-based authenticated key exchange (GPAKE) is a three-party protocol that allows a client and a gateway to establish a common session key with the help of an authentication server. To date, most of the published GPAKE protocols have been subjected to undetectable on-line dictionary attacks. The security models for GPAKE are not strong enough to capture such attacks. In this paper, we define a new security model for GPAKE, which is stronger than previous models and captures the desirable security requirements of GPAKE. We also propose an efficient GPAKE protocol and prove its security under the DDH assumption in our model. Unlike previous schemes, our scheme assumes no pre-established secure channels between the gateways and the server, only authenticated channels between them. Compared with related schemes, our protocol achieves both higher efficiency and stronger security.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wei, F., Ma, C., Zhang, Z. (2011). Gateway-Oriented Password-Authenticated Key Exchange Protocol with Stronger Security. In: Boyen, X., Chen, X. (eds) Provable Security. ProvSec 2011. Lecture Notes in Computer Science, vol 6980. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24316-5_26
DOI: https://doi.org/10.1007/978-3-642-24316-5_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24315-8
Online ISBN: 978-3-642-24316-5
eBook Packages: Computer Science, Computer Science (R0)