Efficient and Provably Secure Generic Construction of Three-Party Password-Based Authenticated Key Exchange Protocols

Three-party password-based authenticated key exchange (3-party PAKE) protocols make two communication parties establish a shared session key with the help of a trusted server, with which each of the two parties shares a predetermined password. Recently, with the first formal treatment for 3-party PAKE protocols addressed by Abdalla et al., the security of such protocols has received much attention from cryptographic protocol researchers. In this paper, we consider the security of 3-party PAKE protocols against undetectable on-line dictionary attacks which are serious and covert threats for the protocals. We examine two 3-party PAKE schemes proposed recently by Abdalla et al. and reveal their common weakness in resisting undetectable on-line dictionary attacks. With reviewing the formal model for 3-party PAKE protocols of Abdalla et al. and enhancing it by adding the authentication security notion for the treatment of undetectable attacks, we then present an efficient generic construction for 3-party PAKE protocols, and prove it enjoys both the semantic security and the authentication security.

[1]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[2]  David Pointcheval,et al.  Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication , 2005, Financial Cryptography.

[3]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.

[4]  Gene Tsudik,et al.  Refinement and extension of encrypted key exchange , 1995, OPSR.

[5]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[6]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[7]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[8]  Emmanuel Bresson,et al.  Security proofs for an efficient password-based key exchange , 2003, CCS '03.

[9]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[10]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[11]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[12]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[13]  Yehuda Lindell,et al.  Session-Key Generation Using Human Passwords Only , 2001, CRYPTO.

[14]  Emmanuel Bresson,et al.  New Security Results on Encrypted Key Exchange , 2003, Public Key Cryptography.

[15]  Hung-Min Sun,et al.  Three-party encrypted key exchange without server public-keys , 2001, IEEE Communications Letters.

[16]  Serge Vaudenay Public Key Cryptography - PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005, Proceedings , 2005, Public Key Cryptography.

[17]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[18]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[19]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[20]  Hung-Min Sun,et al.  Efficient Three-Party Authentication and Key Agreement Protocols Resistant to Password Guessing Attacks , 2003, J. Inf. Sci. Eng..

[21]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.