Efficient password-authenticated key exchange based on RSA

Sangjoon Park, Junghyun Nam, Seungjoo Kim, Dongho Won

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Citations (Scopus)


In this paper, we propose an efficient password-authenticated key exchange (PAKE) based on RSA, called RSA-EPAKE. Unlike SNAPI using a prime pubic key e greater than an RSA modulus n, RSA-EPAKE uses the public key e of a 96-bit prime, where e = 2H(n, s) +1 for some s. By the Prime Number Theorem, it is easy to find such an s. But the probability that an adversary finds n and s with gcd(e, φ(n)) ≠ 1 is less than 2−80. Hence, in the same as SNAPI, RSA-EPAKE is also secure against e-residue attacks. The computational load on Alice (or Server) and Bob (or Client) in RSA-EPAKE is less than in the previous RSA-based PAKEs such as SNAPI, PEKEP,CEKEP, and QR-EKE. In addition, the computational load on Bob in RSA-EPAKE is less than in PAKEs based on Diffie-Hellman key exchange (DHKE) with a 160-bit exponent. If we exclude perfect forward secrecy from consideration, the computational load on Alice is a little more than that in PAKEs based on DHKE with a 160-bit exponent. In this paper, we compare RSA-EPAKE with SNAPI, PEKEP, and CEKEP in computation and the number of rounds, and provide a formal security analysis of RSA-EPAKE under the RSA assumption in the random oracle model.

Original languageEnglish
Title of host publicationTopics in Cryptology
Subtitle of host publicationCT-RSA 2007 - The Cryptographers Track at the RSA Conference 2007, Proceedings
EditorsMasayuki Abe
PublisherSpringer Verlag
Number of pages15
ISBN (Print)9783540693277
Publication statusPublished - 2007
Externally publishedYes
EventCryptographers Track at the RSA Conference, CT-RSA 2007 - San Francisco, United States
Duration: 2007 Feb 52007 Feb 9

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4377 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


OtherCryptographers Track at the RSA Conference, CT-RSA 2007
Country/TerritoryUnited States
CitySan Francisco

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Efficient password-authenticated key exchange based on RSA'. Together they form a unique fingerprint.

Cite this