International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Password-Authenticated Multi-Party Key Exchange with Different Passwords

Jeong Ok Kwon
Ik Rae Jeong
Kouichi Sakurai
Dong Hoon Lee
Search ePrint
Search Google
Abstract: Password-authenticated key exchange (PAKE) allows two or multiple parties to share a session key using a human-memorable password only. PAKE has been applied in various environments, especially in the "clientserver" model of remotely accessed systems. Designing a secure PAKE scheme has been a challenging task because of the low entropy of password space and newly recognized attacks in the emerging environments. In this paper, we study PAKE for multi-party with different passwords which allows group users with different passwords to agree on a common session key by the help of a trusted server using their passwords only. In this setting, the users do not share a password between themselves but only with the server. The fundamental security goal of PAKE is security against dictionary attacks. We present the first two provably secure protocols for this problem in the standard model under the DDH assumption; our first protocol is designed to provide forward secrecy and to be secure against known-key attacks. The second protocol is designed to additionally provide key secrecy against curious servers. The protocols require a constant number of rounds.
  title={Password-Authenticated Multi-Party Key Exchange with Different Passwords},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / Provable security, group key exchange, password-based authentication, dictionary attacks},
  note={ 13507 received 18 Dec 2006, last revised 25 Dec 2006},
  author={Jeong Ok Kwon and Ik Rae Jeong and Kouichi Sakurai and Dong Hoon Lee},