International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol

Authors:
SeongHan Shin
Kazukuni Kobara
Hideki Imai
Download:
URL: http://eprint.iacr.org/2008/537
Search ePrint
Search Google
Abstract: At Indocrypt 2005, Viet et al., [22] have proposed an anonymous password-authenticated key exchange (PAKE) protocol and its threshold construction both of which are designed for client's password-based authentication and anonymity against a passive server, who does not deviate the protocol. In this paper, we first point out that their threshold construction is completely insecure against off-line dictionary attacks. For the threshold t > 1, we propose a secure threshold anonymous PAKE (for short, TAP) protocol with the number of clients n upper-bounded, such that n \leq 2 \sqrt{N-1} -1, where N is a dictionary size of passwords. We rigorously prove that the TAP protocol has semantic security of session keys in the random oracle model by showing the reduction to the computational Diffie-Hellman problem. In addition, the TAP protocol provides unconditional anonymity against a passive server. For the threshold t=1, we propose an efficient anonymous PAKE protocol that significantly improves efficiency in terms of computation costs and communication bandwidth compared to the original (not threshold) anonymous PAKE protocol [22].
BibTeX
@misc{eprint-2008-18171,
  title={A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / password authentication, key exchange, PAKE, anonymity, provable security},
  url={http://eprint.iacr.org/2008/537},
  note={This is the full version of IWSEC2007 paper. seonghan.shin@aist.go.jp 14235 received 21 Dec 2008},
  author={SeongHan Shin and Kazukuni Kobara and Hideki Imai},
  year=2008
}