Password-based encrypted key exchange protocols are designed to provide a pair of users communicating over an unreliable channel with a secure session key even when the secret key or password shared between the two users is drawn from a small set of values. In this paper, we present two simple password-based encrypted key exchange protocols based on that of Bellovin and Merritt. While one protocol is more suitable to scenarios in which the password is shared across several servers, the other enjoys better security properties. Both protocols are as efficient as, if not more efficient than, any of the existing encrypted key exchange protocols in the literature, and yet they only require a single random oracle instance. The proof of security for both protocols is in the random oracle model and based on the hardness of the computational Diffie-Hellman problem. However, some of the techniques that we use are quite different from the usual ones and make use of new variants of the Diffie-Hellman problem, which are of independent interest. We also provide concrete relations between the new variants and the standard Diffie-Hellman problem.
[1] Mihir Bellare, et al. Provably secure session key distribution: the three party case. STOC '95, 1995.
[2] Mihir Bellare, et al. Entity Authentication and Key Distribution. CRYPTO, 1993.
[3] Sarvar Patel, et al. Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. EUROCRYPT, 2000.
[4] Steven M. Bellovin, et al. Encrypted key exchange: password-based protocols secure against dictionary attacks. Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy, 1992.
[5] Emmanuel Bresson, et al. Security proofs for an efficient password-based key exchange. CCS '03, 2003.
[6] Mihir Bellare, et al. Authenticated Key Exchange Secure against Dictionary Attacks. EUROCRYPT, 2000.