Abstract
A great deal of password authenticated key exchange (PAKE) protocols have been proposed in recent years. Most of them were based on Diffie-Hellman key exchange. While the approach of designing PAKE protocols with RSA is far from maturity and perfection. In fact, the existing PAKE protocols using RSA or other public-key cryptographic techniques provide an authenticated key exchange only between a client and a server. This paper presents a new efficient PAKE protocol using RSA in the three-party settings (3PAKE-RSA). The novel protocol can be resistant to e-residue attack and provably secure under the RSA assumption in the random oracle model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellovin, M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: IEEE Symposium on Security and Privacy Oakland, California, USA, pp. 72–84 (1992)
Bellovin, M., Merritt, M.: Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In: Proc. of the 1st ACM Conference on Computer and Communications Security, pp. 244–250. ACM, New York (1993)
Jablon, D.: Extended password key exchange protocols immune to dictionary attacks. In: Proc.of WET-ICE 1997, pp. 248–255 (1997)
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Transactions on Information and System Security 2(3), 230–268 (1999)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
MacKenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 599–613. Springer, Heidelberg (2000)
Patel, S.: Number theoretic attacks on secure password schemes. In: Proc. IEEE Symposium on Security and Privacy, Oakland, California, May 5–7 (1997)
MuXiang, Z.: New approaches to password authenticated key exchange based on RSA. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 230–244. Springer, Heidelberg (2004)
MacKenzie, P., Swaminathany, R.: Secure network authentication with password identification. Submission to IEEE P1363a (1999)
Sangjoon, P., Junghyun, N., Seungjoo, K., Dongho, W.: Efficient password-authenticated key exchange based on RSA. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 309–323. Springer, Heidelberg (2006)
Abdalla, M., Fouque, P., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. IEE Proc.-Inf. Secur. 153(1), 27–39 (2006)
Bellare, M., Rogaway, P.: Provably secure session key distribution in the three party case. In: 28th Annual ACM Symposium on Theory of Computing, pp. 57–66 (1996)
Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524–542. Springer, Heidelberg (2003)
Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)
ShuHua, W., YueFei, Z.: Three-party password-based authenticated key exchange with forward-security. Chinese Journal of Computers 30(10), 1833–1841 (2007)
Byun, J.W., Jeong, I.R., Lee, D.H., Park, C.S.: Password-authenticated key exchange between clients with different passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)
Lin, C.L., Sun, H.M., Hwang, T.: Three-party encrypted key exchange: attacks and a solution. ACM SIGOPS Operating Systems Review 34(4), 12–20 (2000)
Shoup, V.: A computational introduction to number theory and algebra. Cambridge University Press, Cambridge (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dongna, E., Cheng, Q., Ma, C. (2009). Password Authenticated Key Exchange Based on RSA in the Three-Party Settings. In: Pieprzyk, J., Zhang, F. (eds) Provable Security. ProvSec 2009. Lecture Notes in Computer Science, vol 5848. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04642-1_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-04642-1_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04641-4
Online ISBN: 978-3-642-04642-1
eBook Packages: Computer ScienceComputer Science (R0)