Advertisement

Privacy-Preserving Password-Based Authenticated Key Exchange in the Three-Party Setting

  • Weijia Wang
  • Lei Hu
  • Yong Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7873)

Abstract

Security and privacy are two important objectives in modern communication environments. However, compared with security, privacy issues have not been well addressed, especially in the password-only setting, of which unique secret is the password. In this paper, we treat privacy in the password-only setting as an independent notion, and propose the first provable privacy-preserving 3-party password-based authenticated key exchange (PP-3PAKE) scheme under an unified security and privacy model.

Keywords

password-based authenticated key exchange secret handshake oblivious transfer privacy 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Abdalla, M., Pointcheval, D.: Interactive diffie-hellman assumptions with applications to password-based authentication. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 341–356. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.-C.: Secret handshakes from pairing-based key agreements. In: IEEE Symposium on Security and Privacy, pp. 180–196. IEEE Computer Society (2003)Google Scholar
  4. 4.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  6. 6.
    Bellare, M., Rogaway, P.: Provably secure session key distribution: the three party case. In: ACM Symposium on Theory of Computing - STOC 1995, pp. 57–66. ACM (1995)Google Scholar
  7. 7.
    Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 72–84. IEEE Computer Society Press (1992)Google Scholar
  8. 8.
    Bresson, E., Chevassut, O., Pointcheval, D.: New security results on encrypted key exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Bresson, E., Chevassut, O., Pointcheval, D.: Provably authenticated group diffie-hellman key exchange - the dynamic case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Byun, J.W., Lee, D.H.: N-party encrypted diffie-hellman key exchange using different passwords. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 75–90. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Castelluccia, C., Jarecki, S., Tsudik, G.: Secret handshakes from CA-oblivious encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Jarecki, S., Kim, J., Tsudik, G.: Authentication for paranoids: Multi-party secret handshakes. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 325–339. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    MacKenzie, P.D.: The pak suite: Protocols for password-authenticated key exchange. Submission to IEEE P1363.2 (2002)Google Scholar
  16. 16.
    Shin, S., Kobara, K., Imai, H.: A secure threshold anonymous password-authenticated key exchange protocol. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 444–458. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Tsudik, G., Xu, S.: A flexible framework for secret handshakes. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 295–315. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Tzeng, W.-G.: Efficient 1-out-n oblivious transfer schemes. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 159–171. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  19. 19.
    Viet, D.Q., Yamamura, A., Tanaka, H.: Anonymous password-based authenticated key exchange. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 244–257. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Wang, W., Hu, L., Li, Y.: How to construct secure and efficient three-party password-based authenticated key exchange protocols. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 218–235. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  21. 21.
    Xu, S., Yung, M.: k-anonymous secret handshakes with reusable credentials. In: Atluri, V., Pfitzmann, B., McDaniel, P.D. (eds.) ACM Conference on Computer and Communications Security, pp. 158–167. ACM (2004)Google Scholar
  22. 22.
    Yang, J., Zhang, Z.: A new anonymous password-based authenticated key exchange protocol. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 200–212. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Weijia Wang
    • 1
  • Lei Hu
    • 2
  • Yong Li
    • 3
  1. 1.School of ScienceBeijing Jiaotong UniversityBeijingP.R.China
  2. 2.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingP.R. China
  3. 3.School of Electronic and Information EngineeringBeijing Jiaotong UniversityBeijingP.R. China

Personalised recommendations