Efficient and provably secure client-to-client password-based key exchange protocol

Jin Wook Byun, Dong Hoon Lee, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

20 Citations (Scopus)

Abstract

We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages830-836
Number of pages7
Volume3841 LNCS
DOIs
Publication statusPublished - 2006 Jul 6
Event8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development - Harbin, China
Duration: 2006 Jan 162006 Jan 18

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3841 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development
CountryChina
CityHarbin
Period06/1/1606/1/18

Fingerprint

Key Exchange
Password
Authenticated Key Exchange
Random Oracle Model
Diffie-Hellman

Keywords

  • Authenticated key exchange
  • Dictionary attacks
  • Different password authentication
  • Human memorable password
  • Mobile computing

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Cite this

Byun, J. W., Lee, D. H., & Lim, J. I. (2006). Efficient and provably secure client-to-client password-based key exchange protocol. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3841 LNCS, pp. 830-836). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3841 LNCS). https://doi.org/10.1007/11610113_81

Efficient and provably secure client-to-client password-based key exchange protocol. / Byun, Jin Wook; Lee, Dong Hoon; Lim, Jong In.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3841 LNCS 2006. p. 830-836 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3841 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Byun, JW, Lee, DH & Lim, JI 2006, Efficient and provably secure client-to-client password-based key exchange protocol. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 3841 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3841 LNCS, pp. 830-836, 8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development, Harbin, China, 06/1/16. https://doi.org/10.1007/11610113_81
Byun JW, Lee DH, Lim JI. Efficient and provably secure client-to-client password-based key exchange protocol. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3841 LNCS. 2006. p. 830-836. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/11610113_81
Byun, Jin Wook ; Lee, Dong Hoon ; Lim, Jong In. / Efficient and provably secure client-to-client password-based key exchange protocol. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3841 LNCS 2006. pp. 830-836 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{b2461e4fe8fe45d9b54118701224f5a0,
title = "Efficient and provably secure client-to-client password-based key exchange protocol",
abstract = "We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.",
keywords = "Authenticated key exchange, Dictionary attacks, Different password authentication, Human memorable password, Mobile computing",
author = "Byun, {Jin Wook} and Lee, {Dong Hoon} and Lim, {Jong In}",
year = "2006",
month = "7",
day = "6",
doi = "10.1007/11610113_81",
language = "English",
isbn = "3540311424",
volume = "3841 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "830--836",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

}

TY - GEN

T1 - Efficient and provably secure client-to-client password-based key exchange protocol

AU - Byun, Jin Wook

AU - Lee, Dong Hoon

AU - Lim, Jong In

PY - 2006/7/6

Y1 - 2006/7/6

N2 - We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

AB - We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

KW - Authenticated key exchange

KW - Dictionary attacks

KW - Different password authentication

KW - Human memorable password

KW - Mobile computing

UR - http://www.scopus.com/inward/record.url?scp=33745677007&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33745677007&partnerID=8YFLogxK

U2 - 10.1007/11610113_81

DO - 10.1007/11610113_81

M3 - Conference contribution

AN - SCOPUS:33745677007

SN - 3540311424

SN - 9783540311423

VL - 3841 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 830

EP - 836

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -