Skip to main content
SpringerLink
Log in

Privacy-Preserving Password-Based Authenticated Key Exchange in the Three-Party Setting

  • Conference paper
Network and System Security (NSS 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7873))

Included in the following conference series:

  • 3654 Accesses

Abstract

Security and privacy are two important objectives in modern communication environments. However, compared with security, privacy issues have not been well addressed, especially in the password-only setting, of which unique secret is the password. In this paper, we treat privacy in the password-only setting as an independent notion, and propose the first provable privacy-preserving 3-party password-based authenticated key exchange (PP-3PAKE) scheme under an unified security and privacy model.

The work is partially supported by the Fundamental Research Funds for the Central Universities under Grant Nos.2012JBM104 and 2012JBM004.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Abdalla, M., Pointcheval, D.: Interactive diffie-hellman assumptions with applications to password-based authentication. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 341–356. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  3. Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.-C.: Secret handshakes from pairing-based key agreements. In: IEEE Symposium on Security and Privacy, pp. 180–196. IEEE Computer Society (2003)

    Google Scholar 

  4. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  6. Bellare, M., Rogaway, P.: Provably secure session key distribution: the three party case. In: ACM Symposium on Theory of Computing - STOC 1995, pp. 57–66. ACM (1995)

    Google Scholar 

  7. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 72–84. IEEE Computer Society Press (1992)

    Google Scholar 

  8. Bresson, E., Chevassut, O., Pointcheval, D.: New security results on encrypted key exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Bresson, E., Chevassut, O., Pointcheval, D.: Provably authenticated group diffie-hellman key exchange - the dynamic case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  10. Byun, J.W., Lee, D.H.: N-party encrypted diffie-hellman key exchange using different passwords. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 75–90. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Castelluccia, C., Jarecki, S., Tsudik, G.: Secret handshakes from CA-oblivious encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Jarecki, S., Kim, J., Tsudik, G.: Authentication for paranoids: Multi-party secret handshakes. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 325–339. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  14. Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. MacKenzie, P.D.: The pak suite: Protocols for password-authenticated key exchange. Submission to IEEE P1363.2 (2002)

    Google Scholar 

  16. Shin, S., Kobara, K., Imai, H.: A secure threshold anonymous password-authenticated key exchange protocol. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 444–458. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  17. Tsudik, G., Xu, S.: A flexible framework for secret handshakes. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 295–315. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  18. Tzeng, W.-G.: Efficient 1-out-n oblivious transfer schemes. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 159–171. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  19. Viet, D.Q., Yamamura, A., Tanaka, H.: Anonymous password-based authenticated key exchange. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 244–257. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  20. Wang, W., Hu, L., Li, Y.: How to construct secure and efficient three-party password-based authenticated key exchange protocols. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 218–235. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  21. Xu, S., Yung, M.: k-anonymous secret handshakes with reusable credentials. In: Atluri, V., Pfitzmann, B., McDaniel, P.D. (eds.) ACM Conference on Computer and Communications Security, pp. 158–167. ACM (2004)

    Google Scholar 

  22. Yang, J., Zhang, Z.: A new anonymous password-based authenticated key exchange protocol. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 200–212. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Science, Beijing Jiaotong University, Beijing, 100044, P.R.China

    Weijia Wang

  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100049, P.R. China

    Lei Hu

  3. School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing, 100044, P.R. China

    Yong Li

Authors
  1. Weijia Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lei Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, ETSI Informatica, University of Malaga, Campus de Teatinos, 29071, Malaga, Spain

    Javier Lopez

  2. School of Mathematics and Computer Science, Fujian Normal University, No. 32 Shangsan Road, 350007, Fuzhou, China

    Xinyi Huang

  3. Institute for Cyber Security,, University of Texas at San Antonio, One UTSA Circle, 78249, San Antonio, TX, USA

    Ravi Sandhu

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, W., Hu, L., Li, Y. (2013). Privacy-Preserving Password-Based Authenticated Key Exchange in the Three-Party Setting. In: Lopez, J., Huang, X., Sandhu, R. (eds) Network and System Security. NSS 2013. Lecture Notes in Computer Science, vol 7873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38631-2_37

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38631-2_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38630-5

  • Online ISBN: 978-3-642-38631-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation