A Lower-Bound of Complexity for RSA-Based Password-Authenticated Key Exchange

Some RSA-based PAKE protocols have been proposed using a challenge-response method for verifying the validity of the server's RSA public key due to the lack of a PKI. However, these kind of RSA-based PAKE protocols cannot specify the exact overall complexity of their protocols since there exists a system parameter l needed for the challenge-response method. In this paper we present an RSA-based PAKE (RSA-PAKE) protocol, followed by its lower-bound of complexity and the actual computation and communication costs.

[1]  Feng Zhu,et al.  More Efficient Password Authenticated Key Exchange Based on RSA , 2003, INDOCRYPT.

[2]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[3]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[4]  Muxiang Zhang New Approaches to Password Authenticated Key Exchange Based on RSA , 2004, ASIACRYPT.

[5]  Sarvar Patel,et al.  Number theoretic attacks on secure password schemes , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6]  Muxiang Zhang,et al.  Further Analysis of Password Authenticated Key Exchange Protocol Based on RSA for Imbalanced Wireless Networks , 2004, ISC.

[7]  Feng Bao,et al.  Security Analysis of a Password Authenticated Key Exchange Protocol , 2003, ISC.

[8]  Stefan Lucks,et al.  Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys , 1997, Security Protocols Workshop.

[9]  Russell Housley,et al.  Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure , 2001 .

[10]  Charlie Kaufman,et al.  Internet Key Exchange (IKEv2) Protocol , 2005, RFC.

[11]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[12]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[13]  Emmanuel Bresson,et al.  New Security Results on Encrypted Key Exchange , 2003, Public Key Cryptography.

[14]  Feng Zhu,et al.  Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks , 2002, ISC.

[15]  Victor Shoup,et al.  On Formal Models for Secure Key Exchange , 1999, IACR Cryptol. ePrint Arch..

[16]  David Pointcheval,et al.  IPAKE: Isomorphisms for Password-Based Authenticated Key Exchange , 2004, CRYPTO.

[17]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[18]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[19]  Thomas Johansson,et al.  Progress in Cryptology - INDOCRYPT 2003 , 2003, Lecture Notes in Computer Science.

[20]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .