Provably Secure Password-Authenticated Group Key Exchange with Different Passwords under Standard Assumption

  • Fengjiao Wang
  • Yuqing Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6151)


Although many password-authenticated group key exchange protocols have been proposed in recent years, it remains a non-trivial task to establish strong provable security guarantees without making idealized assumptions. In this paper, blending the best of an EKE variant and the Burmester-Desmedt (BD) group key exchange protocol, we present a provably secure and efficient three-round different password-authenticated group key exchange (DPWA) protocol in the multicast setting. Building on previous work, we first give a strengthened security model for this case, and then provide a security proof of our protocol in this model under the standard assumption.


Keywords: group key establishment; password-based authentication; provable security; dictionary attacks





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Fengjiao Wang (1, 2)
  • Yuqing Zhang (1, 2)
  1. National Computer Network Intrusion Protection Center, GUCAS, Beijing, P.R. China
  2. State Key Laboratory of Information Security, GUCAS, Beijing, P.R. China
