论文信息 - Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks

Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks

We consider an imbalanced wireless network setup in which a low-power client communicates with a powerful server. We assume that public key cryptographic operations such as Diffie-Hellman key exchange conducted over a large multiplicative group is too computationally intensive for a low-power client to implement. In this paper, we propose an authenticatedk ey exchange protocol such that it is efficient enough to be implemented on most of the target low-power devices such as devices in sensor networks, smart cards and low-power Personal Digital Assistants. In addition, it is secure against dictionary attacks. Our scheme requires less than 2.5 seconds of pure computation on a 16MHz Palm V andab out 1 secondfor data transmission if the throughput of a network is 8 kbps. The computation time can be improvedto 300 msec and the transmision time can also be reduced to 300 msec if caching is allowed.

Feng Zhu | Duncan S. Wong | Agnes Hui Chan | Robbie Ye

[1] Steven M. Bellovin,et al. Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[2] Rafail Ostrovsky,et al. Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[3] Jerome H. Saltzer,et al. Protecting Poorly Chosen Secrets from Guessing Attacks , 1993, IEEE J. Sel. Areas Commun..

[4] Sarvar Patel,et al. Password-Authenticated Key Exchange Based on RSA , 2000, ASIACRYPT.

[5] Taekyoung Kwon,et al. Ultimate solution to authentication via memorable password , 2000 .

[6] Duncan S. Wong,et al. The performance measurement of cryptographic primitives on palm devices , 2001, Seventeenth Annual Computer Security Applications Conference.

[7] Sarvar Patel,et al. Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[8] David P. Jablon. Strong password-only authenticated key exchange , 1996, CCRV.

[9] Stefan Lucks,et al. Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys , 1997, Security Protocols Workshop.

[10] Faculteit der Wiskunde en Natuurwetenschappen,et al. Divisors in residue classes , 1983 .

[11] Thomas D. Wu. The Secure Remote Password Protocol , 1998, NDSS.

[12] Mihir Bellare,et al. Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.