Credential Authenticated Identification and Key Exchange
نویسندگان
چکیده
Secure two-party authentication and key exchange are fundamental problems. Traditionally, the parties authenticate each other by means of their identities, using a public-key infrastucture (PKI). However, this is not always feasible or desirable: an appropriate PKI may not be available, or the parties may want to remain anonymous, and not reveal their identities. To address these needs, we introduce the notions of credential-authenticated identification (CAID) and key exchange (CAKE), where the compatibility of the parties’ credentials is the criteria for authentication, rather than the parties’ identities relative to some PKI. We formalize CAID and CAKE in the universal composability (UC) framework, with natural ideal functionalities, and we give practical, modularly designed protocol realizations. We prove all our protocols UC-secure in the adaptive corruption model with erasures, assuming a common reference string (CRS). The proofs are based on standard cryptographic assumptions and do not rely on random oracles. CAKE includes password-authenticated key exchange (PAKE) as a special case, and we present two new PAKE protocols. The first one is interesting in that it is uses completely different techniques than known practical PAKE protocols, and also achieves UC-security in the adaptive corruption model with erasures; the second one is the first practical PAKE protocol that provides a meaningful form of resilience against server compromise without relying on random oracles.
منابع مشابه
Authenticated Key Exchange with Synchronized States
Nowadays, most of sensitive applications over insecure network are protected by some authenticated secure channel which is highly relies on specific authenticated key exchange (AKE) protocol. Nevertheless, the leakage of authentication credential used in AKE protocol somehow result in unauthorized exploitation of credential information via identity impersonation (IDI) attack. To address the pro...
متن کاملInternet Engineering Task Force (ietf) Password Authenticated Connection Establishment with the Internet Key Exchange Protocol Version 2 (ikev2)
The Internet Key Exchange protocol version 2 (IKEv2) does not allow secure peer authentication when using short credential strings, i.e., passwords. Several proposals have been made to integrate passwordauthentication protocols into IKE. This document provides an adaptation of Password Authenticated Connection Establishment (PACE) to the setting of IKEv2 and demonstrates the advantages of this ...
متن کاملPassword Authenticated Connection Establishment with the Internet Key Exchange Protocol version 2 (IKEv2)
The Internet Key Exchange protocol version 2 (IKEv2) does not allow secure peer authentication when using short credential strings, i.e., passwords. Several proposals have been made to integrate passwordauthentication protocols into IKE. This document provides an adaptation of Password Authenticated Connection Establishment (PACE) to the setting of IKEv2 and demonstrates the advantages of this ...
متن کاملPredicate-Based Key Exchange
We provide the first description of and security model for authenticated key exchange protocols with predicate-based authentication. In addition to the standard goal of session key security, our security model also provides for credential privacy: a participating party learns nothing more about the other party’s credentials than whether they satisfy the given predicate. Our model also encompass...
متن کاملA Secure Authenticated Key Exchange Protocol for Credential Services
Remote user authentication and key agreement system through smartcard is a viable practical solution to validate the eligibility of a remote user and thus to provide a secure communication. This paper suggests a Secure Authenticated Key Exchange Protocol (SAKEP) for Credential Services. The major intrinsic worth of this scheme include that, the system do not require any verification table and t...
متن کامل