  Provably secure password-authenticated key exchange using Diffie-Hellman (2000) [94 citations — 7 self]

by Victor Boyko, Philip MacKenzie, Sarvar Patel
http://www.bell-labs.com/user/philmac/research/pak-final.ps.gz

Abstract:

When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who obtains this information may be able to run an off-line dictionary attack to determine the correct password. Of course, it may be extremely difficult to hide all password information, especially if the attacker may pose as one of the parties in the key exchange. Nevertheless, we present a new protocol called PAK which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. In addition to the PAK protocol that provides mutual explicit authentication, we also show a more efficient protocol called PPK that is provably secure in the implicit-authentication model. We then extend PAK to a protocol called PAK-X, in which one side (the client) stores a plaintext version of the password, while the other side (the server) only stores a verifier for the password. We formally prove security of PAK-X, even when the server is compromised. Our formal model for password-authenticated key exchange is new, and may be of independent interest.

Keywords: Password authentication, key exchange, Diffie-Hellman.
