Proof of Forward Security for Password-based Authenticated Key Exchange
نویسندگان
چکیده
Recently, M. Abdalla et al. proposed a slightly different variant of AuthA, based on the scheme proposed by E. Bresson et al., and provided the first complete proof of forward-secrecy for AuthA. They claimed that under the Gap Diffie-Hellman assumption the variant of AuthA was forward-secure in the random-oracle model. In this paper, we present an active attack to reveal a previously unpublished flaw in their proof. To fix their proof, we have to introduce one more variant Diffie-Hellman assumption. If so, we found the scheme proposed by E. Bresson et al. could be proved forward secure as well. Since the proposal of E. Bresson et al. is simpler for implementation in practice, we only provided the rigorous proof of forward security for it.
منابع مشابه
A New Ring-Based SPHF and PAKE Protocol On Ideal Lattices
emph{ Smooth Projective Hash Functions } ( SPHFs ) as a specific pattern of zero knowledge proof system are fundamental tools to build many efficient cryptographic schemes and protocols. As an application of SPHFs, emph { Password - Based Authenticated Key Exchange } ( PAKE ) protocol is well-studied area in the last few years. In 2009, Katz and Vaikuntanathan described the first lattice-based ...
متن کاملA Novel Client-to-Client Password-Authenticated Key Exchange Protocol Using Chaotic Maps in The Standard Model
Until now, the overwhelming majority of password-authenticated key agreement protocols using chaotic maps are based on three architectures (client/server, two clients/server and multi-server) and four security models (heuristic security, random oracle, ideal cipher and standard model). However, with rapid changes in the modern communication environment such as wireless mesh networks and cloud s...
متن کاملProvably Secure Password-authenticated Key Exchange Using Diie-hellman
When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow veriication of the password (a weak shared key), since an attacker who obtains this information may be able to run an oo-line dictionary attack to determine the correct password. We...
متن کاملCryptanalysis of the N-Party Encrypted Diffie-Hellman Key Exchange Using Different Passwords
We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N−1 clients and a singleserver, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-ho...
متن کاملForward Secrecy in Password-Only Key Exchange Protocols
Password-only authenticated key exchange (PAKE) protocols are designed to be secure even when users choose short, easilyguessed passwords. Security requires, in particular, that the protocol cannot be broken by an o -line dictionary attack in which an adversary enumerates all possible passwords in an attempt to determine the correct one based on previously-viewed transcripts. Recently, provably...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- I. J. Network Security
دوره 7 شماره
صفحات -
تاریخ انتشار 2008