N-Party Encrypted Diffie-Hellman Key Exchange Using Different Passwords
We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N–1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients’ distinct passwords have been suggested.
In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.
KeywordsPassword Encrypted key exchange N-party authentication different password authentication authenticated key exchange dictionary attacks
Unable to display preview. Download preview PDF.
- 3.Beraldi, R., Baldoni, R.: Unicast routing techniques for mobile ad hoc networks. CRC Press, Inc., Boca Raton (2003), ISBN:0-8493-1322-5Google Scholar
- 5.Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the First ACM Conference on Computer and Communications Security. ACM, New York (1995)Google Scholar
- 6.Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)Google Scholar
- 9.Basile, C., Killijian, M.-O., Powell, D.: A survey of dependability issues in mobile wireless networks., Technical Report, LAAS CNRS Toulouse, France (February 2003), http://www.crhc.uiuc.edu/~basilecl/papers/mobile.ps
- 12.Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group diffie-hellman key exchange. In: Proceedings of 8th ACM Conference on Computer and Communications Security, pp. 255–264 (2001)Google Scholar
- 20.Chen, L.: A Weakness of the Password-Authenticated Key Agreement between Clients with Different Passwords Scheme, ISO/IEC JTC 1/SC27 N3716Google Scholar
- 21.Cordeiro, C., Agrawal, D.: Mobile ad hoc networking. In: Tutorial/Short Course in 20 th Brazilian Symposium on Computer Networks, pp. 125–186 (May 2002)Google Scholar
- 25.Halevi, S., Krawczyk, H.: Public-key cryptography and password protcols. In: Proceedings ACM Conference on Computer and Communications Security, pp. 63–72. ACM Press, New York (1999)Google Scholar
- 26.IEEE P802.11i/D10.0, Wireless medium access control (MAC) and physical layer (PHY) specifications: medium access control (MAC) security enhancements (April 2004)Google Scholar
- 29.Kashyap, H.: Nishar, and P. Agarwal, Survey on unicast routing in mobile ad hoc networks (2001), This paper is available at http://www.cs.unibo.it/people/faculty/bononi/Sim2003/Papers/surveyrouting..pdf
- 30.Kim, J., Kim, S., Kwak, J., Won, D.: Cryptanalysis and Improvements of Password Authenticated Key Exchange Scheme between Clients with Different Passwords. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3044, pp. 895–902. Springer, Heidelberg (2004)CrossRefGoogle Scholar
- 31.Kuosmanen, P.: Classification of ad hoc routing protocols (2003), Available at http://eia.udg.es/~lilianac/docs/classification-of-ad-hoc.pdf
- 34.Lucks, S.: Open key exchange: how to defeat dictionary attacks without encryting public keys. In: Proceedings of the security protocol workshop 1997, pp. 79–90 (1997)Google Scholar
- 36.Steiner, M., Tsudik, G.: Diffie-hellman key distribution extended to groups. In: Proceedings of ACM CCS 1996. ACM Press, New York (1996)Google Scholar
- 38.Tzeng, W.: A secure fault-tolerant conference-key agreement protocol. IEEE Transaction on Computers 51(4) (2002)Google Scholar
- 41.Wu, T.: Secure remote password protocol. In: Proceedings of the Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)Google Scholar