N-Party Encrypted Diffie-Hellman Key Exchange Using Different Passwords

  • Jin Wook Byun
  • Dong Hoon Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3531)


We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N–1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients’ distinct passwords have been suggested.

In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.


Password Encrypted key exchange N-party authentication different password authentication authenticated key exchange dictionary attacks 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abdalla, M., Bellare, M., Rogaway, P.: The oracle diffie-hellman assumptions and an analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Abdalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    Beraldi, R., Baldoni, R.: Unicast routing techniques for mobile ad hoc networks. CRC Press, Inc., Boca Raton (2003), ISBN:0-8493-1322-5Google Scholar
  4. 4.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the First ACM Conference on Computer and Communications Security. ACM, New York (1995)Google Scholar
  6. 6.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)Google Scholar
  7. 7.
    Bellovin, S., Merrit, M.: Encrypted key exchange: password based protocols secure against dictionary attacks. In: Proceedings of the Symposium on Security and Privacy, pp. 72–84. IEEE, Los Alamitos (1992)CrossRefGoogle Scholar
  8. 8.
    Blake-Wilson, S., Jhonson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 30–45. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Basile, C., Killijian, M.-O., Powell, D.: A survey of dependability issues in mobile wireless networks., Technical Report, LAAS CNRS Toulouse, France (February 2003),
  10. 10.
    Boyd, C., Mathuria, A.: Key establishment protocols for secure mobile communications: A selective survey. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 344–355. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  11. 11.
    Bresson, E., Chevassut, O., Pointcheval, D.: Group diffie-hellman key exchange secure against dictionary attacks. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 497–514. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group diffie-hellman key exchange. In: Proceedings of 8th ACM Conference on Computer and Communications Security, pp. 255–264 (2001)Google Scholar
  13. 13.
    Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.J.: Provably authenticated group diffie-hellman key exchange in the dynamic case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic group diffie-hellman key exchange under standard assumptions. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 321–336. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Bresson, E., Chevassut, O., Pointcheval, D.: The group diffie-hellman problems. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 325–338. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  17. 17.
    Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  18. 18.
    Burmester, M., Desmedt, Y.: A secure and efficient conference key distribution system. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  19. 19.
    Byun, J., Jeong, I., Lee, D., Park, C.: Password-authenticated key exchange between clients with different passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  20. 20.
    Chen, L.: A Weakness of the Password-Authenticated Key Agreement between Clients with Different Passwords Scheme, ISO/IEC JTC 1/SC27 N3716Google Scholar
  21. 21.
    Cordeiro, C., Agrawal, D.: Mobile ad hoc networking. In: Tutorial/Short Course in 20 th Brazilian Symposium on Computer Networks, pp. 125–186 (May 2002)Google Scholar
  22. 22.
    Denning, D., Sacco, G.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)CrossRefGoogle Scholar
  23. 23.
    Ding, Y., Horster, P.: Undetectable on-line password guessing attacks. ACM Operating Systems Review 29(4), 77–86 (1995)CrossRefGoogle Scholar
  24. 24.
    Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Halevi, S., Krawczyk, H.: Public-key cryptography and password protcols. In: Proceedings ACM Conference on Computer and Communications Security, pp. 63–72. ACM Press, New York (1999)Google Scholar
  26. 26.
    IEEE P802.11i/D10.0, Wireless medium access control (MAC) and physical layer (PHY) specifications: medium access control (MAC) security enhancements (April 2004)Google Scholar
  27. 27.
    Jablon, D.: Strong password-only authenticated key exchange. Computer Communication Review 26(5), 5–26 (1996)CrossRefGoogle Scholar
  28. 28.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  29. 29.
    Kashyap, H.: Nishar, and P. Agarwal, Survey on unicast routing in mobile ad hoc networks (2001), This paper is available at
  30. 30.
    Kim, J., Kim, S., Kwak, J., Won, D.: Cryptanalysis and Improvements of Password Authenticated Key Exchange Scheme between Clients with Different Passwords. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3044, pp. 895–902. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  31. 31.
    Kuosmanen, P.: Classification of ad hoc routing protocols (2003), Available at
  32. 32.
    Lin, C., Sun, H., Hwang, T.: Three-party encrypted key exchange: attacks and a solution. ACM Operating Systems Review 34(4), 12–20 (2000)CrossRefGoogle Scholar
  33. 33.
    Lin, C., Sun, H., Steiner, M., Hwang, T.: Three-party Encrypted Key Exchange Without Server Public-Keys. IEEE Communications Letters 5(12), 497–499 (2001)CrossRefGoogle Scholar
  34. 34.
    Lucks, S.: Open key exchange: how to defeat dictionary attacks without encryting public keys. In: Proceedings of the security protocol workshop 1997, pp. 79–90 (1997)Google Scholar
  35. 35.
    Steiner, M., Tsudik, G., Waider, M.: Refinement and extension of encrypted key exchange. ACM Operation Sys. Review 29(3), 22–30 (1995)CrossRefGoogle Scholar
  36. 36.
    Steiner, M., Tsudik, G.: Diffie-hellman key distribution extended to groups. In: Proceedings of ACM CCS 1996. ACM Press, New York (1996)Google Scholar
  37. 37.
    Shoup, V.: OAEP reconsidered. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 239–259. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  38. 38.
    Tzeng, W.: A secure fault-tolerant conference-key agreement protocol. IEEE Transaction on Computers 51(4) (2002)Google Scholar
  39. 39.
    Varadharajan, V., Mu, Y.: On the design of security protocols for mobile communications. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 134–145. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  40. 40.
    Wang, S., Wang, J., Xu, M.: Weakness of a Password-authenticated Key Exchange Protocol Between Clients with Different Passwords. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 414–425. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  41. 41.
    Wu, T.: Secure remote password protocol. In: Proceedings of the Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Jin Wook Byun
    • 1
  • Dong Hoon Lee
    • 1
  1. 1.Center for Information Security Technologies (CIST)Korea UniversitySeoulKorea

Personalised recommendations