Skip to main content
SpringerLink
Log in

Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication

  • Conference paper
Financial Cryptography and Data Security (FC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3570))

Included in the following conference series:

Abstract

Password-based authenticated key exchange are protocols that are designed to provide strong authentication for client-server applications, such as online banking, even when the users’ secret keys are considered weak (e.g., a four-digit pin). In this paper, we address this problem in the three-party setting, in which the parties trying to authenticate each other and to establish a session key only share a password with a trusted server and not directly among themselves. This is the same setting used in the popular Kerberos network authentication system. More precisely, we introduce a new three-party password-based authenticated key exchange protocol. Our protocol is reasonably efficient and has a per-user computational cost that is comparable to that of the underlying two-party authenticated key exchange protocol. The proof of security is in the random oracle model and is based on new and apparently stronger variants of the decisional Diffie-Hellman problem which are of independent interest.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Abdalla, M., Pointcheval, D.: Interactive Diffie-Hellman assumptions with applications to password-based authentication. Full version of current paper. Available from authors’ web pages

    Google Scholar 

  3. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 139. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  5. Bellare, M., Rogaway, P.: Provably secure session key distribution — the three party case. In: 28th ACM STOC. ACM Press, New York (1996)

    Google Scholar 

  6. Bellare, M., Rogaway, P.: The AuthA protocol for password-based authenticated key exchange. Contributions to IEEE P1363 (2000)

    Google Scholar 

  7. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: 1992 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos (1992)

    Google Scholar 

  8. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 156. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  9. Bresson, E., Chevassut, O., Pointcheval, D.: New security results on encrypted key exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Byun, J.W., Jeong, I.R., Lee, D.H., Park, C.-S.: Password-authenticated key exchange between clients with different passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. In: 30th ACM STOC. ACM Press, New York (1998)

    Google Scholar 

  12. Canetti, R., Krawczyk, H.: Security analysis of IKE’s signature-based key-exchange protocol. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 143. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  13. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory 22, 644–654 (1978)

    Article  MathSciNet  Google Scholar 

  14. Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 408. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. Gong, L.: Optimal authentication protocols resistant to password guessing attacks. In: CSFW 1995, pp. 24–29. IEEE Computer Society, Los Alamitos (1995)

    Google Scholar 

  17. Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. ACM Transactions on Information and System Security, 524–543 (1999)

    Google Scholar 

  18. Krawczyk, H.: SIGMA: The “SIGn-and-MAc” approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  19. Lin, C.-L., Sun, H.-M., Hwang, T.: Three-party encrypted key exchange: Attacks and a solution. ACM SIGOPS Operating Systems Review 34(4), 12–20 (2000)

    Article  Google Scholar 

  20. MacKenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 599. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  21. MacKenzie, P.: The PAK suite: Protocols for password-authenticated key exchange. Contributions to IEEE P1363.2 (2002)

    Google Scholar 

  22. Needham, R., Schroeder, M.: Using encryption for authentication in large networks of computers. Communications of the ACM 21(21), 993–999 (1978)

    Article  MATH  Google Scholar 

  23. Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)

    Google Scholar 

  24. Steiner, M., Tsudik, G., Waidner, M.: Refinement and extension of encrypted key exchange. ACM SIGOPS Operating Systems Review 29(3), 22–30 (1995)

    Article  Google Scholar 

  25. Wang, S., Wang, J., Xu, M.: Weaknesses of a password-authenticated key exchange protocol between clients with different passwords. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 414–425. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  26. Yeh, H.-T., Sun, H.-M., Hwang, T.: Efficient three-party authentication and key agreement protocols resistant to password guessing attacks. Journal of Information Science and Engineering 19(6), 1059–1070 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Departement d’Informatique, École normale supérieure, 45 Rue d’Ulm, 75230, Paris Cedex 05, France

    Michel Abdalla & David Pointcheval

Authors
  1. Michel Abdalla
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Pointcheval
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. National Research Council of Canada, 1200 Montreal RD.,, K1A 0R6, Ottawa, ON, Canada

    Andrew S. Patrick

  2. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Abdalla, M., Pointcheval, D. (2005). Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication. In: Patrick, A.S., Yung, M. (eds) Financial Cryptography and Data Security. FC 2005. Lecture Notes in Computer Science, vol 3570. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11507840_31

Download citation

  • DOI: https://doi.org/10.1007/11507840_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26656-3

  • Online ISBN: 978-3-540-31680-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation