Password-Authenticated Key Exchange between Clients with Different Passwords

  • Jin Wook Byun
  • Ik Rae Jeong
  • Dong Hoon Lee
  • Chang-Seop Park
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2513)


Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Pas sword-Authenticated Key Exchange (C2C-PAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.


Password authentication key exchange cross-realm Kerberos dictionary attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Bellare, D. Pointcheval and P. Rogaway, “Authenticated key exchange secure against dictionary attacks”, Eurocrypt’00, LNCS Vol. 1807, pp. 139–155, Springer-Verlag, 2000.Google Scholar
  2. 2.
    S. Bellovin and M. Merrit, “Encrypted key exchange: password based protocols secure against dictionary attacks”, In Proceedings of the Symposium on Security and Privacy, pp. 72–84, IEEE, 1992.Google Scholar
  3. 3.
    C. Boyd, A. Mathuria, “Key establishment protocols for secure mobile communications: A selective survey”, ACISP’98, LNCS Vol. 1438, pp. 344–355, Springer-Verlag, 1998.Google Scholar
  4. 4.
    V. Boyko, P. MacKenzie, and S. Patel, “Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman”, Eurocrypt’00, LNCS Vol. 1807, pp. 156–171, Springer-Verlag, 2000Google Scholar
  5. 5.
    G. D. Crescenzo, O. Kornievskaia, “Efficient kerberized multicast in a practical distributed setting”, ISC’01, LNCS Vol. 2200, pp. 27–45, Springer-Verlag, 2001.Google Scholar
  6. 6.
    D. Denning, G. Sacco, “Timestamps in key distribution protocols”, Communications of the ACM, Vol. 24, No. 8, pp. 533–536, 1981.CrossRefGoogle Scholar
  7. 7.
    D. Jablon, “Strong password-only authenticated key exchange”, Computer Communication Review, Vol. 26, No. 5, pp. 5–26, 1996.CrossRefGoogle Scholar
  8. 8.
    O. Goldreich and Y. Lindell, “Session-Key Generation Using Human Passwords Only”, Crypto’01, LNCS Vol. 2139, pp. 408–432, Springer-Verlag, 2001.Google Scholar
  9. 9.
    B. Jaspan, “Dual-workfactor encrypted key exchange: Efficiency preventing password chaining attacks”, In Proceedings of the sixth annual USENIX security conference, pp. 43–50, July 1996.Google Scholar
  10. 10.
    M. Hur, B. Tung, T. Ryutov, C. Neuman, A. Medvinsky, G. Tsudik, and B. Sommerfeld, “Pulbic key cryptography for cross-realm authentication in kerberos”, Internet draft, May 2001.Google Scholar
  11. 11.
    J. Katz, R. Ostrovsky and M. Yung, “Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords”, Eurocrypt’01, LNCS Vol. 2045, pp. 475–494, Springer-Verlag, 2001.Google Scholar
  12. 12.
    S. Lucks, “Open key exchange: How to defeat dictionary attacks without encryting public keys”, The security Protocol Workshop’ 97, pp. 79–90, 1997.Google Scholar
  13. 13.
    M. Steiner, G. Tsudik, and M. Waider, “Refinement and extension of encrypted key exchange”, A CM Operation Sys. Review, Vol. 29, No. 3, pp. 22–30, 1995.CrossRefGoogle Scholar
  14. 14.
    S. P. Miller, B. C. Neuman, J. I. Schiller, J. H. Saltzer, “Kerberos Authentication and Authorization System”, Section E.2.1, Project Athena Technical Plan, M.I.T. October 1988.Google Scholar
  15. 15.
    T. Wu, “Secure Remote Password Protocol”, In Proceedings of the Internet Society Network and Distributed System Security Symposium, pp. 97–111, 1998.Google Scholar
  16. 16.
    T. Wu, “A Real-World Analysis of Kerberos Password Security”, In Proceedings of the Internet Society Network and Distributed System Security Symposium, 1999.Google Scholar
  17. 17.
    V. Varadharajan and Y. Mu, “On the Design of Security Protocols for Mobile Communications”, In Proceedings of Twelfth Annual Computer Security Applications Conference, pp. 78–87. IEEE Computer Society Press, 1996.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Jin Wook Byun
    • 1
  • Ik Rae Jeong
    • 1
  • Dong Hoon Lee
    • 1
  • Chang-Seop Park
    • 2
  1. 1.Center for Information Security Technologies(CIST)Korea UniversitySeoulKorea
  2. 2.Division of Computer Science & ElectronicsDankook UniversityCheonanKorea

Personalised recommendations