Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks

Jeong Ok Kwon; Kouichi Sakurai; Dong Hoon Lee

doi:10.1007/11758501_152

Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks

Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee

Graduate School of Information Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key by the help of a server. In the setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we indentify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations¹.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages	977-980
Number of pages	4
Volume	3991 LNCS - I
DOIs	https://doi.org/10.1007/11758501_152
Publication status	Published - 2006 Aug 7
Event	ICCS 2006: 6th International Conference on Computational Science - Reading, United Kingdom Duration: 2006 May 28 → 2006 May 31

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3991 LNCS - I
ISSN (Print)	03029743
ISSN (Electronic)	16113349

Other

Other	ICCS 2006: 6th International Conference on Computational Science
Country	United Kingdom
City	Reading
Period	06/5/28 → 06/5/31

Fingerprint

Authenticated Key Exchange

Password

Glossaries

Attack

Network protocols

Servers

Server

Random Oracle

Counterexample

Dictionary

Keywords

Cryptography
Dictionary attacks
Mobile network security
Password-authenticated key exchange
Round complexity

ASJC Scopus subject areas

Computer Science(all)
Biochemistry, Genetics and Molecular Biology(all)
Theoretical Computer Science

Cite this

Kwon, J. O., Sakurai, K., & Lee, D. H. (2006). Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3991 LNCS - I, pp. 977-980). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3991 LNCS - I). https://doi.org/10.1007/11758501_152

Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks. / Kwon, Jeong Ok; Sakurai, Kouichi; Lee, Dong Hoon.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3991 LNCS - I 2006. p. 977-980 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3991 LNCS - I).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kwon, JO, Sakurai, K & Lee, DH 2006, Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 3991 LNCS - I, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3991 LNCS - I, pp. 977-980, ICCS 2006: 6th International Conference on Computational Science, Reading, United Kingdom, 06/5/28. https://doi.org/10.1007/11758501_152

Kwon JO, Sakurai K, Lee DH. Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3991 LNCS - I. 2006. p. 977-980. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/11758501_152

Kwon, Jeong Ok ; Sakurai, Kouichi ; Lee, Dong Hoon. / Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 3991 LNCS - I 2006. pp. 977-980 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5d1e051b0db64ca98e50c135ce04f6c4,

title = "Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks",

abstract = "A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key by the help of a server. In the setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we indentify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations1.",

keywords = "Cryptography, Dictionary attacks, Mobile network security, Password-authenticated key exchange, Round complexity",

author = "Kwon, {Jeong Ok} and Kouichi Sakurai and Lee, {Dong Hoon}",

year = "2006",

month = "8",

day = "7",

doi = "10.1007/11758501_152",

language = "English",

isbn = "3540343792",

volume = "3991 LNCS - I",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "977--980",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

}

TY - GEN

T1 - Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks

AU - Kwon, Jeong Ok

AU - Sakurai, Kouichi

AU - Lee, Dong Hoon

PY - 2006/8/7

Y1 - 2006/8/7

N2 - A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key by the help of a server. In the setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we indentify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations1.

AB - A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key by the help of a server. In the setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we indentify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations1.

KW - Cryptography

KW - Dictionary attacks

KW - Mobile network security

KW - Password-authenticated key exchange

KW - Round complexity

UR - http://www.scopus.com/inward/record.url?scp=33746614267&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33746614267&partnerID=8YFLogxK

U2 - 10.1007/11758501_152

DO - 10.1007/11758501_152

M3 - Conference contribution

SN - 3540343792

SN - 9783540343790

VL - 3991 LNCS - I

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 977

EP - 980

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -

Access to Document

10.1007/11758501_152