Very-Efficient Anonymous Password-Authenticated Key Exchange and Its Extensions

An anonymous password-authenticated key exchange (anonymous PAKE) protocol is designed to provide both password-only authentication and user anonymity. In this paper, we propose a very-efficient anonymous PAKE (called, VEAP) protocol that provides the most efficiency among their kinds in terms of computation and communication costs. The VEAP protocol guarantees semantic security of session keys in the random oracle model under the chosen target CDH problem, and unconditional user anonymity against a semi-honest server. If the pre-computation is allowed, the computation cost of the VEAP protocol is the same as the well-known Diffie-Hellman protocol! In addition, we extend the VEAP protocol in two ways.

[1]  Wen-Guey Tzeng,et al.  Efficient 1-Out-n Oblivious Transfer Schemes , 2002, Public Key Cryptography.

[2]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[3]  Ramarathnam Venkatesan,et al.  Progress in Cryptology - INDOCRYPT 2005, 6th International Conference on Cryptology in India, Bangalore, India, December 10-12, 2005, Proceedings , 2005, INDOCRYPT.

[4]  Hidema Tanaka,et al.  Anonymous Password-Based Authenticated Key Exchange , 2005, INDOCRYPT.

[5]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[6]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[7]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[8]  SeongHan Shin,et al.  A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol , 2007, IWSEC.

[9]  Alfred Menezes,et al.  Topics in Cryptology – CT-RSA 2005 , 2005 .

[10]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[11]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[12]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[13]  David Pointcheval,et al.  Simple Password-Based Encrypted Key Exchange Protocols , 2005, CT-RSA.

[14]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[15]  Emmanuel Bresson,et al.  New Security Results on Encrypted Key Exchange , 2003, Public Key Cryptography.

[16]  Wen-Guey Tzeng,et al.  Efficient k-out-of-n Oblivious Transfer Schemes , 2005, J. Univers. Comput. Sci..

[17]  David P. Jablon Extended password key exchange protocols immune to dictionary attack , 1997, Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[18]  Alexandra Boldyreva,et al.  Threshold Signatures, Multisignatures and Blind Signatures Based on the Gap-Diffie-Hellman-Group Signature Scheme , 2003, Public Key Cryptography.

[19]  Chanathip Namprempre,et al.  The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme , 2003, Journal of Cryptology.

[20]  Serge Vaudenay Public Key Cryptography - PKC 2005, 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005, Proceedings , 2005, Public Key Cryptography.

[21]  Jing Yang,et al.  A New Anonymous Password-Based Authenticated Key Exchange Protocol , 2008, INDOCRYPT.