Scalable protocol for cross-domain group password-based authenticated key exchange

Cross-domain password-based authenticated key exchange (PAKE) protocols have been studied for many years. However, these protocols are mainly focusing on multi-participant within a single domain in an open network environment. This paper proposes a novel approach for designing a cross-domain group PAKE protocol, that primarily handles with the setting of multi-participant in the multi-domain. Moreover, our protocol is proved secure against active adversary in the Real-or-Random (ROR) model. In our protocol, no interaction occurs between any two domain authentication servers. They are regarded as ephemeral certificate authorities (CAs) to certify key materials that participants might subsequently use to exchange and agree on group session key. We further justify the computational complexity and measure the average computation time of our protocol. To the best of our knowledge, this is the first work to analyze and discuss a provably secure multi-participant cross-domain group PAKE protocol.

[1]  Guomin Yang,et al.  Cross-domain password-based authenticated key exchange revisited , 2013, 2013 Proceedings IEEE INFOCOM.

[2]  Liehuang Zhu,et al.  Computationally sound symbolic security reduction analysis of the group key exchange protocols using bilinear pairings , 2012, Inf. Sci..

[3]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[4]  Jonathan Katz,et al.  Scalable Protocols for Authenticated Group Key Exchange , 2003, CRYPTO.

[5]  Fushan Wei,et al.  Efficient Client-to-Client Password Authenticated Key Exchange Based on RSA , 2013, INCoS.

[6]  Dong Hoon Lee,et al.  Password-Authenticated Multi-Party Key Exchange with Different Passwords , 2006, IACR Cryptol. ePrint Arch..

[7]  Haiquan Liang,et al.  Re-attack on a three-party password-based authenticated key exchange protocol , 2013, Math. Comput. Model..

[8]  Zhang Zi Computationally Sound and Effective Symbolic Analysis of Group Key Exchange Protocols , 2012 .

[9]  Yvo Desmedt,et al.  A secure and scalable Group Key Exchange system , 2005, Inf. Process. Lett..

[10]  Liehuang Zhu,et al.  Computationally Sound and Effective Symbolic Analysis of Group Key Exchange Protocols: Computationally Sound and Effective Symbolic Analysis of Group Key Exchange Protocols , 2012 .

[11]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[12]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[13]  Dong Hoon Lee,et al.  Password-Authenticated Key Exchange between Clients with Different Passwords , 2002, ICICS.

[14]  Jun-Han Yang,et al.  Provably secure three-party password authenticated key exchange protocol in the standard model , 2012, J. Syst. Softw..

[15]  Victor C. M. Leung,et al.  Multilayer Consensus ECC-Based Password Authenticated Key-Exchange (MCEPAK) Protocol for Smart Grid System , 2013, IEEE Transactions on Smart Grid.

[16]  Dawu Gu,et al.  Provably secure three-party password-based authenticated key exchange protocol , 2012, Inf. Sci..

[17]  Kefei Chen,et al.  Enhancements of a three-party password-based authenticated key exchange protocol , 2013, Int. Arab J. Inf. Technol..

[18]  Wei Yuan,et al.  An Efficient Password-based Group Key Exchange Protocol Using Secret Sharing , 2013 .

[19]  Der-Chyuan Lou,et al.  Efficient three-party password-based key exchange scheme , 2011, Int. J. Commun. Syst..