International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: A New Framework for Password-Based Authenticated Key Exchange

Adam Groce
Jonathan Katz
Search ePrint
Search Google
Abstract: Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction offers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability~(UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al.
  title={A New Framework for Password-Based Authenticated Key Exchange},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / password-based key exchange},
  note={ACM CCCS 2010 14782 received 19 Mar 2010, last revised 22 Jun 2010},
  author={Adam Groce and Jonathan Katz},