Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication
Password-based authenticated key exchange protocols are designed to provide strong authentication for client-server applications, such as online banking, even when the users’ secret keys are considered weak (e.g., a four-digit PIN). In this paper, we address this problem in the three-party setting, in which the parties trying to authenticate each other and to establish a session key only share a password with a trusted server and not directly among themselves. This is the same setting used in the popular Kerberos network authentication system. More precisely, we introduce a new three-party password-based authenticated key exchange protocol. Our protocol is reasonably efficient and has a per-user computational cost that is comparable to that of the underlying two-party authenticated key exchange protocol. The proof of security is in the random oracle model and is based on new and apparently stronger variants of the decisional Diffie-Hellman problem which are of independent interest.
Keywords: Password-based authentication, Diffie-Hellman assumptions, multi-party protocols