Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks

Group Diffie-Hellman schemes for password-based key exchange are designed to provide a pool of players, communicating over a public network and sharing just a human-memorable password, with a session key (e.g., a key used for multicast data integrity and confidentiality). The fundamental security goal in this scenario is security against dictionary attacks. While solutions to this problem have been proposed, no formal treatment has ever been suggested. In this paper, we define a security model and then present a protocol with its security proof in both the random oracle model and the ideal-cipher model.
