CryptoDB
A New Framework for Password-Based Authenticated Key Exchange
Authors: | |
---|---|
Download: | |
Abstract: | Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction offers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability~(UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al. |
BibTeX
@misc{eprint-2010-23048, title={A New Framework for Password-Based Authenticated Key Exchange}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols / password-based key exchange}, url={http://eprint.iacr.org/2010/147}, note={ACM CCCS 2010 jkatz@cs.umd.edu 14782 received 19 Mar 2010, last revised 22 Jun 2010}, author={Adam Groce and Jonathan Katz}, year=2010 }