Threshold password-authenticated key exchange

Threshold password-authenticated key exchange (2002)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Philip Mackenzie , Thomas Shrimpton , Markus Jakobsson

Venue:	In CRYPTO 2002 (LNCS 2442
Citations:	22 - 7 self

BibTeX

@INPROCEEDINGS{Mackenzie02thresholdpassword-authenticated,
    author = {Philip Mackenzie and Thomas Shrimpton and Markus Jakobsson},
    title = {Threshold password-authenticated key exchange},
    booktitle = {In CRYPTO 2002 (LNCS 2442},
    year = {2002},
    pages = {385--400},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Abstract. In most password-authenticated key exchange systems there is a single server storing password verification data. To provide some resilience against server compromise, this data typically takes the form of a one-way function of the password (and possibly a salt, or other public values), rather than the password itself. However, if the server is compromised, this password verification data can be used to perform an offline dictionary attack on the user’s password. In this paper we propose an efficient password-authenticated key exchange system involving a set of servers, in which a certain threshold of servers must participate in the authentication of a user, and in which the compromise of any fewer than that threshold of servers does not allow an attacker to perform an offline dictionary attack. We prove our system is secure in the random oracle model under the Decision Diffie-Hellman assumption against an attacker that may eavesdrop on, insert, delete, or modify messages between the user and servers, and that compromises fewer than that threshold of servers. 1

Citations

2292	New directions in cryptography - Diffie, Hellmen - 1976
1130	Random oracles are practical: A paradigm for designing efficient protocols - Bellare, Rogaway - 1993
961	A public key cryptosystem and a signature scheme based on discrete logarithms - ElGamal - 1985
706	A.: How to prove yourself: Practical solutions to identification and signature problems - Fiat, Shamir - 1986
425	How to play any mental game, or a completeness theorem for protocols with honest majority - Goldreich, Micali, et al. - 1987
388	Entity authentication and key distribution - Bellare, Rogaway - 1994
327	The TLS protocol version 1.0 - DIERKS, ALLEN - 1999
293	Encrypted key exchange: Password-based protocols secure against dictionary attacks - Bellovin, Merritt - 1992
252	Authenticated key exchange secure against dictionary attacks - Bellare, Pointcheval, et al. - 2000
234	New directions in cryptography - e, Hellman - 1976
231	Threshold Cryptosystems - Desmedt, Frankel - 1989
221	Proofs of Partial Knowledge and Simplified Design of Witness Hiding - Cramer, Damg˚ard, et al. - 1994
212	Public-key Cryptosystems Provably Secure against Chosen Ciphertext Attacks - Naor, Yung - 1990
206	The random oracle methodology, revisited - Canetti, Halevi
196	A Practical Scheme for Non-interactive Verifiable Secret Sharing - Feldman - 1987
185	Provably secure session key distribution---the three party case - Bellare, Rogaway - 1995
173	The Decision Diffie-Hellman problem - Boneh - 1998
164	Proactive secret sharing or: How to cope with perpetual leakage - Herzberg, Jarecki, et al. - 1995
156	Robust non-interactive zero knowledge - Santis, Crescenzo, et al. - 2001
155	The secure remote password protocol - Wu - 1998
142	Strong password-only authenticated key exchange - Jablon - 1996
125	Provably secure password authenticated key exchange using Diffie-Hellman - Boyko, MacKenzie, et al. - 2000
117	Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password le compromise - Bellovin, Merritt - 1994
110	Robust threshold DSS signatures - Gennaro, Jarecki, et al. - 2010
104	Non-Interactive Zero-Knowledge and its Applications - Blum, Feldman, et al. - 1988
94	H.: Public-key cryptography and password protocols - Halevi, Krawczyk - 1999
74	E cient password-authenticated key exchange using human-memorable passwords - Katz, Ostrovsky, et al. - 2001
70	Session-key generation using human passwords only - Goldreich, Lindell - 2001
45	Digital multisignatures - Boyd - 1989
41	Password-Authenticated Key Exchange Based on RSA - MacKenzie, Patel, et al. - 1976
40	The decision di e-hellman problem - Boneh - 1998
33	Sever-assisted Generation of a Strong Secret from a Password - Ford, Kaliski - 2000
17	Universally composable twoparty computation - Canetti, Lindell, et al. - 2002
16	Password authentication using multiple servers,” Topics - Jablon
14	Proactive public key and signature schemes - Herzberg, Jakobsson, et al.
14	A Practical Scheme for Non-Interactive Veri Secret Sharing - Feldman
13	The (in)security of distributed key generation in dlog-based cryptosystems - Gennaro, Jarecki, et al. - 1999
12	Practical Password-Authenticated Key Exchange Provably Secure under Standard Assumptions - Katz, Ostrovsky, et al. - 2001
8	Adaptively-secure distributed threshold public key systems - Frankel, MacKenzie, et al. - 1999
7	Provably secure threshold password-authenticated key exchange - Raimondo, Gennaro