
A General Construction for Password-Based Authenticated Key Exchange from Witness PRFs

  • Conference paper
  • Frontiers in Cyber Security (FCS 2019)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1105))


Abstract

Authenticated key exchange (AKE) lets two parties establish a shared session key while assuring each other of the peer's identity, and so provides both the privacy and the authentication of the data exchanged afterwards. Password-based authenticated key exchange (PAKE), in which the only long-term secret is a low-entropy password, has been studied extensively because of its convenience. Katz and Vaikuntanathan proposed a round-optimal PAKE built from smooth projective hash functions (SPHFs). However, the instantiation of the SPHF depends on the underlying NP-relation, which in their construction is the relation induced by a CCA-secure encryption scheme. In this paper we apply a newer cryptographic primitive, witness PRFs, to construct PAKE. In our setting the concrete construction of the witness PRF is independent of the underlying NP-relation, so our construction is more general; we further discuss several possible NP-relations that could be used to instantiate secure PAKE in our setting.


References

  1. Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_14

  2. Abdalla, M.: Password-based authenticated key exchange: an overview. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 1–9. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12475-9_1

  3. Bird, R., et al.: The KryptoKnight family of light-weight protocols for authentication and key distribution. IEEE/ACM Trans. Networking 3(1), 31–41 (1995)

  4. Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Symposium on Security and Privacy (S&P 1992), pp. 72–84 (1992)

  5. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_21

  6. Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: 30th Annual ACM Symposium on Theory of Computing (STOC 1998), pp. 419–428. ACM, Dallas (1998)

  7. Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053428

  8. Bellare, M., Canetti, R., Krawczyk, H.: Provably secure session key distribution: the three party case. In: 27th Annual ACM Symposium on Theory of Computing (STOC 1995), pp. 57–66. ACM, Las Vegas (1995)

  9. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_11

  10. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_12

  11. Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_4

  12. Ding, J., Alsayigh, S., Lancrenon, J., RV, S., Snook, M.: Provably secure password authenticated key exchange based on RLWE for the post-quantum world. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 183–204. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52153-4_11

  13. Derler, D., Slamanig, D.: Practical witness encryption for algebraic languages or how to encrypt under Groth-Sahai proofs. Des. Codes Crypt. 86(11), 2525–2547 (2018)

  14. Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. J. Cryptology 19(3), 241–340 (2006)

  15. Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. ACM Trans. Inf. Syst. Secur. 9(2), 181–234 (2006)

  16. Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A new randomness extraction paradigm for hybrid encryption. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 590–609. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_34

  17. Katz, J., Ostrovsky, R., Yung, M.: Efficient and secure authenticated key exchange using weak passwords. J. ACM 57(1), 1–39 (2009)

  18. Katz, J., Vaikuntanathan, V.: Round-optimal password-based authenticated key exchange. J. Cryptology 26(4), 714–743 (2013)

  19. Shoup, V.: OAEP reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_15

  20. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

  21. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Crypt. 2(2), 107–125 (1992)

  22. Xue, H., Li, B., Lu, X.: IND-PCA secure KEM is enough for password-based authenticated key exchange (short paper). In: Obana, S., Chida, K. (eds.) IWSEC 2017. LNCS, vol. 10418, pp. 231–241. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64200-0_14

  23. Xue, H., Li, B., He, J.: New framework of password-based authenticated key exchange from only-one lossy encryption. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 188–198. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68637-0_11

  24. Yao, H., Wang, C.: A novel blockchain-based authenticated key exchange protocol and its applications. In: 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), pp. 609–614. IEEE, Guangzhou (2018)

  25. Zhandry, M.: How to avoid obfuscation using witness PRFs. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 421–448. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49099-0_16

  26. Zhu, L., Guo, C., Zhang, Z., Fu, W., Xu, R.: A novel contributory cross-domain group password-based authenticated key exchange protocol with adaptive security. In: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp. 213–222. IEEE, Shenzhen (2017)


Acknowledgment

The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This work was partially supported by the National Natural Science Foundation of China (Grant No. 61632013).

Author information


Correspondence to Jiehui Nan or Honggang Hu.


Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Nan, J., Zheng, M., Wang, Z., Hu, H. (2019). A General Construction for Password-Based Authenticated Key Exchange from Witness PRFs. In: Shen, B., Wang, B., Han, J., Yu, Y. (eds) Frontiers in Cyber Security. FCS 2019. Communications in Computer and Information Science, vol 1105. Springer, Singapore. https://doi.org/10.1007/978-981-15-0818-9_17


  • DOI: https://doi.org/10.1007/978-981-15-0818-9_17


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-0817-2

  • Online ISBN: 978-981-15-0818-9
