Secure Cross-Realm Client-to-Client Password-Based Authenticated Key Exchange Against Undetectable On-Line Dictionary Attacks

  • Conference paper
Applied Algebra, Algebraic Algorithms and Error-Correcting Codes (AAECC 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4851)

Abstract

The cross-realm client-to-client password-based authenticated key exchange (C2C-PAKE) is a protocol in which two clients in two different realms, holding different passwords, exchange a session key through their corresponding servers. Recently, a provably secure cross-realm C2C-PAKE scheme with the optimal number of rounds for a client was pointed out to be insecure against an undetectable on-line dictionary attack and an unknown-key share attack. In this paper, we propose a new cross-realm C2C-PAKE scheme with the optimal number of rounds for a client, which resists the previously considered attacks that should be prevented, including undetectable on-line dictionary attacks and unknown-key share attacks. Moreover, our scheme assumes no pre-established secure channels between different realms, only basic setups of ID-based systems.

Editor information

Serdar Boztaş, Hsiao-Feng (Francis) Lu

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yoneyama, K., Ota, H., Ohta, K. (2007). Secure Cross-Realm Client-to-Client Password-Based Authenticated Key Exchange Against Undetectable On-Line Dictionary Attacks. In: Boztaş, S., Lu, HF. (eds) Applied Algebra, Algebraic Algorithms and Error-Correcting Codes. AAECC 2007. Lecture Notes in Computer Science, vol 4851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77224-8_30

  • DOI: https://doi.org/10.1007/978-3-540-77224-8_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77223-1

  • Online ISBN: 978-3-540-77224-8

  • eBook Packages: Computer Science, Computer Science (R0)
