Universally Composable Password-Based Key Exchange

  • Ran Canetti
  • Shai Halevi
  • Jonathan Katz
  • Yehuda Lindell
  • Phil MacKenzie
Conference paper

DOI: 10.1007/11426639_24

Part of the Lecture Notes in Computer Science book series (LNCS, volume 3494)
Cite this paper as:
Canetti R., Halevi S., Katz J., Lindell Y., MacKenzie P. (2005) Universally Composable Password-Based Key Exchange. In: Cramer R. (eds) Advances in Cryptology – EUROCRYPT 2005. EUROCRYPT 2005. Lecture Notes in Computer Science, vol 3494. Springer, Berlin, Heidelberg

Abstract

We propose and realize a definition of security for password-based key exchange within the framework of universally composable (UC) security, thus providing security guarantees under arbitrary composition with other protocols. In addition, our definition captures some aspects of the problem that were not adequately addressed by most prior notions. For instance, it does not assume any underlying probability distribution on passwords, nor does it assume independence between passwords chosen by different parties. We also formulate a definition of password-based secure channels, and show that such a definition is achievable given password-based key exchange.

Our protocol realizing the new definition of password-based key exchange is in the common reference string model and relies on standard number-theoretic assumptions. The components of our protocol can be instantiated to give a relatively efficient solution which is conceivably usable in practice. We also show that it is impossible to satisfy our definition in the “plain” model (e.g., without a common reference string).

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Ran Canetti
    • 1
  • Shai Halevi
    • 1
  • Jonathan Katz
    • 2
  • Yehuda Lindell
    • 3
  • Phil MacKenzie
    • 4
  1. 1.IBM T.J. Watson Research CenterHawthorneUSA
  2. 2.Dept. of Computer ScienceUniversity of MarylandUSA
  3. 3.Department of Computer ScienceBar-Ilan UniversityIsrael
  4. 4.Bell LabsLucent TechnologiesMurray HillUSA

Personalised recommendations