Abstract
Schemes for encrypted key exchange are designed to provide two entities communicating over a public network, and sharing a (short) password only, with a session key to be used to achieve data integrity and/or message confidentiality. An example of a very efficient and “elegant” scheme for encrypted key exchange considered for standardization by the IEEE P1363 Standard working group is AuthA. This scheme was conjectured secure when the symmetric-encryption primitive is instantiated via either a cipher that closely behaves like an “ideal cipher”, or a mask generation function that is the product of the message with a hash of the password. While the security of this scheme in the former case has been recently proven, the latter case was still an open problem. For the first time we prove in this paper that this scheme is secure under the assumptions that the hash function closely behaves like a random oracle and that the computational Diffie-Hellman problem is difficult. Furthermore, since Denial-of-Service (DoS) attacks have become a common threat we enhance AuthA with a mechanism to protect against them.
Chapter PDF
Similar content being viewed by others
References
Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A.D., Reingold, O.: Efficient, DoS-resistant, Secure Key Exchange for Internet Protocols. In: Proc. of the 9th CCS, pp. 48–58. ACM Press, New York (2002)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure Against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: The AuthA Protocol for Password-Based Authenticated Key Exchange. Contributions to IEEE P1363 (March 2000), Available from, http://grouper.ieee.org/groups/1363/
Bellare, M., Rogaway, P.: Random Oracles Are Practical: a Paradigm for Designing Efficient Protocols. In: Proc. of the 1st CCS, pp. 62–73. ACM Press, New York (1993)
Bellovin, S.M., Merritt, M.: Encrypted Key Exchange: Password-Based Protocols Secure against Dictionary Attacks. In: Proc. of the Symposium on Security and Privacy, pp. 72–84. IEEE, Los Alamitos (1992)
Bellovin, S.M., Merritt, M.: Augmented Encrypted Key Exchange: A Password- Based Protocol Secure against Dictionary Attacks and Password File Compromise. In: Proc. of the 1st CCS, pp. 244–250. ACM Press, New York (1993)
Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000), Final version available at, http://cm.bell-labs.com/who/philmac/research/
Bresson, E., Chevassut, O., Pointcheval, D.: Security Proofs for Efficient Password-Based Key Exchange. In: Proc. of the 10th CCS. ACM Press, New York (2003), The full version is available on the Cryptology ePrint Archive 2002/192
Bresson, E., Chevassut, O., Pointcheval, D.: New Security Results on Encrypted Key Exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004), Full version available at, http://www.di.ens.fr/users/pointche/
Dwork, C., Goldberg, A., Naor, M.: On Memory-Bound Functions for Fighting Spam. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 426–444. Springer, Heidelberg (2003)
IEEE Standard 1363.2 Study Group. Password-Based Public-Key Cryptography, Available from http://grouper.ieee.org/groups/1363/passwdPK
Juels, A., Brainard, J.: Client Puzzles: A Cryptographic Defense Against Connection Depletion Attacks. In: Proc. of NDSS 1999, pp. 151–165 (1999)
Luby, M., Rackoff, C.: How to Construct Pseudorandom Permutations from Pseudorandom Functions. SIAM Journal of Computing 17(2), 373–386 (1988)
Shoup, V.: OAEP Reconsidered. Journal of Cryptology 15(4), 223–249 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bresson, E., Chevassut, O., Pointcheval, D. (2004). New Security Results on Encrypted Key Exchange. In: Bao, F., Deng, R., Zhou, J. (eds) Public Key Cryptography – PKC 2004. PKC 2004. Lecture Notes in Computer Science, vol 2947. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24632-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-24632-9_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21018-4
Online ISBN: 978-3-540-24632-9
eBook Packages: Springer Book Archive