Abstract
We present a new threshold password-based authentication protocol that allows a roaming user(a user who accesses a network from different client terminals) to download a private key from remote servers with knowledge of only his identity and password. He does not need to carry the smart card storing his private information. We aim that a protocol has to allow a user to get his private key from the servers, even if some of the servers are compromised under the multi-server roaming system. In this paper, we firstly suggest a threshold password-only roaming protocol using (k,n)-threshold scheme which only k honest servers or more are engaged to reconstruct a secret key. Our scheme is based on bilinear pairings which could be built from Weil pairing or Tate pairing.
This work was partially supported by R&D Program for Fusion Strategy of Advanced Technologies, Ministry of Science and Technology in Korea
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Al-Riyami, S., Paterson, K.: Certificateless Public Key Cryptography (July 2003), available at http://www.ime.usp.br/~rt/cranalysis/CertifLessPKC.pdf
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Bellovin, S., Merritt, M.: Encrypted Key Exchange: Password-based Protocols Secure against Dictionary Attacks. In: Proc. of IEEE Symposium on Research in Security and Privacy (May 1992)
Bellovin, S., Merritt, M.: Augmented Encrypted Key Exchange: A Password based Protocol Secure Against Dictionary Attacks and Password File Compromise. Technical Report, AT&T Bell Laboratories (1994)
Baek, J., Zheng, Y.: Identity-Based Threshold Decryption. IACR eprint, 2003/164
Ford, W., Kaliski, B.: Server-Assisted Generation of a Strong Secret from a Password. In: Proc. 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise, June 14-16. IEEE, Los Alamitos (2000)
Hess, F.: Efficient Identity Based Signature Schemes Based on Pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)
Jablon, D.: Strong Password-Only Authenticated Key Exchange. ACM Computer Communications Review (October 1996)
Jablon, D.P.: Password Authentication Using Multiple Servers. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 344–360. Springer, Heidelberg (2001)
Libert, B., Quisquater, J.: Efficient Revocation and Threshold Pairing Based Cryptosystems. In: PODC 2003, July 13-16, pp. 163–171 (2003)
Gennaro, R.: Theory and Practice of Verifiable Secret Sharing. PhD Thesis, MIT (May 1996)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure Distributed Key Generation for Discrete-Log Based Cryptosystems. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 295–310. Springer, Heidelberg (1999)
Jarecki, S.: Efficient Threshold Cryptosystems. PhD Thesis, MIT (June 2001)
MacKenzie, P., Shirmpton, T., Jakobsson, M.: Threshold Password- Authenticated Key Exchange(Extended Abstract). In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 385–400. Springer, Heidelberg (2002)
Pedersen, T.: Non-interactive and Information Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)
Perlman, R., Kaufman, C.: Secure Password-Based Protocol for Downing a Private Key. In: Proc. 1999 Network and Distributed System Security Symposium, January 1999. Internet Society, San Diego (1999)
Shamir, A.: How to Share a Secret. Communication of the ACM 22(11), 612–613 (1979)
Vo, D., Zhang, F., Kim, K.: A New Threshold Blind Signature Scheme from Pairings. In: SCIS 2003, January 2003, vol. 1/2, pp. 233–238 (2003)
Wu, T.: The Secure Remote Password Protocol. In: Proc. of Network and Distributed System Security Symposium, January 1998, pp. 97–111. Internet Society, San Diego (1998)
Pedersen, T.: Non-interactive and Information theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)
Cha, J., Cheon, J.: An Identity-Based Signature from Gap Diffie-Hellman Groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, S., Han, K., Kang, Sk., Kim, K., Ine, S.R. (2004). Threshold Password-Based Authentication Using Bilinear Pairings. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-25980-0_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22216-3
Online ISBN: 978-3-540-25980-0
eBook Packages: Springer Book Archive