Title :
Gateway-Oriented Password-Authenticated Key Exchange Based on Chameleon Hash Function
Author :
Gao Fengxiu ; Wei Fushan ; Ma Chuangui
Author_Institution :
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
A gateway-oriented password-based authenticated key exchange (GPAKE) is a three-party protocol, which allows a client and a gateway to establish a common session key with the help of an authentication server. Besides the semantic security of the session key, the desirable security properties of a GPAKE protocol also include password protection with respect to malicious gateways and key privacy with respect to honest-but-curious authentication servers. Unfortunately, previous solutions are suspectable to undetectable on-line dictionary attacks by a malicious gateway. To overcome this shortcoming, we propose a GPAKE protocol based on chameleon hash function in this paper. By the merit of chameleon hash function, the authentication server can distinguish an honest authentication request by a client from an on-line impersonation attack by a malicious gateway. The proposed protocol is secure against undetectable on-line dictionary attacks. In addition, it is as efficient as previous solutions.
Keywords :
computer network security; cryptographic protocols; data privacy; internetworking; GPAKE three-party protocol; authentication server; chameleon hash function; gateway-oriented password-authenticated key exchange; honest authentication request; honest-but-curious authentication servers; key privacy; malicious gateway; online dictionary attacks; online impersonation attack; password protection; semantic security; session key; Authentication; Dictionaries; Logic gates; Protocols; Public key; Servers;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing (WiCOM), 2012 8th International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-61284-684-2
DOI :
10.1109/WiCOM.2012.6478530
