Verifier-Based Three-Party Password-Authenticated Key Exchange with Forward Security

Author

Bin, Tian ; Mengdong, Chen ; Lianzhong, Liu

Author_Institution

Dept. of Comput. Sci. & Eng., Beijing Univ. of Aeronaut. & Astronaut., Beijing

fYear

2008

fDate

20-22 Dec. 2008

Firstpage

56

Lastpage

61

Abstract

The password-based authenticated key exchange (PAKE) protocol in the three-party setting allows two clients communicating over a public network to establish a common session key with the help of a server. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. In this paper, we propose a new provably verifier-based three-party PAKE protocol to solve the server compromise problem and off-line dictionary attack problem. The security of the proposed scheme has been proven in the random oracle model under the gap Diffie-Hellman intractability assumption. The proposed protocol is efficient both in computational cost and in communication cost when compared with previous solutions.

Keywords

cryptographic protocols; message authentication; telecommunication security; dictionary attacks; forward security; password-based authenticated key exchange; public network; random oracle model; verifier-based three-party PAKE protocol; Computer networks; Computer science; Computer security; Costs; Cryptography; Dictionaries; Network servers; Protection; Protocols; Public key; Password-authenticated key exchange; Verifier-based; forward-secure; random oracle; three-party;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Electrical Engineering, 2008. ICCEE 2008. International Conference on

Conference_Location

Phuket

Print_ISBN

978-0-7695-3504-3

Type

conf

DOI

10.1109/ICCEE.2008.121

Filename

4740946