CryptoDB
A New Security Model for Cross-Realm C2C-PAKE Protocol
| Authors: | |
|---|---|
| Download: | |
| Abstract: | Cross realm client-to-client password authenticated key exchange (C2C-PAKE) schemes are designed to enable two clients in different realms to agree on a common session key using different passwords. In 2006, Yin-Bao presented the first provably secure cross-realm C2C-PAKE, which security is proven rigorously within a formally defined security model and based on the hardness of some computationally intractable assumptions. However, soon after, Phan et al. pointed out that the Yin-Bao scheme was flawed. In this paper, we first analyze the necessary security attributes in the cross-realm C2C-PAKE scenario, and then a new security model for cross-realm C2C-PAKE is given. Analogous to the general construction of 3PAKE protocol for single server C2C-PAKE setting, we give a general construction of cross-realm C2C-PAKE protocol, which security is proved in the new security model. |
BibTeX
@misc{eprint-2007-13622,
title={A New Security Model for Cross-Realm C2C-PAKE Protocol},
booktitle={IACR Eprint archive},
keywords={Password-authenticated key exchange, cross realm, client-to-client, provably secure, security model.},
url={http://eprint.iacr.org/2007/342},
note={ wangfj@nipc.org.cn 13755 received 29 Aug 2007, last revised 30 Aug 2007},
author={Fengjiao Wang and Yuqing Zhang},
year=2007
}