N-party encrypted diffie-hellman key exchange using different passwords

Jin Wook Byun, Dong Hoon Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

28 Citations (Scopus)

Abstract

We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N-1 clients and a single server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environments such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes in the three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round-efficient protocols which enable group members to generate a common session key with clients' distinct passwords have been suggested. In this paper we securely and efficiently extend the three-party case to the N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested: N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provably secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.

Original language: English
Title of host publication: Lecture Notes in Computer Science
Editors: J. Ioannidis, A. Keromytis, M. Yung
Pages: 75-90
Number of pages: 16
Volume: 3531
Publication status: Published - 2005
Event: Third International Conference on Applied Cryptography and Network Security, ACNS 2005 - New York, NY, United States
Duration: 2005 Jun 7 → 2005 Jun 10

Other

Other: Third International Conference on Applied Cryptography and Network Security, ACNS 2005
Country: United States
City: New York, NY
Period: 05/6/7 → 05/6/10

Fingerprint

Servers
Network protocols
Ubiquitous computing
Ad hoc networks
Communication

Keywords

  • Authenticated key exchange
  • Dictionary attacks
  • Different password authentication
  • Encrypted key exchange
  • N-party authentication
  • Password

ASJC Scopus subject areas

  • Computer Science (miscellaneous)

Cite this

Byun, J. W., & Lee, D. H. (2005). N-party encrypted diffie-hellman key exchange using different passwords. In J. Ioannidis, A. Keromytis, & M. Yung (Eds.), Lecture Notes in Computer Science (Vol. 3531, pp. 75-90)

@inproceedings{3735dbb5c22e45ca95b54c4eecbdd358,
title = "N-party encrypted diffie-hellman key exchange using different passwords",
keywords = "Authenticated key exchange, Dictionary attacks, Different password authentication, Encrypted key exchange, N-party authentication, Password",
author = "Byun, {Jin Wook} and Lee, {Dong Hoon}",
year = "2005",
language = "English",
volume = "3531",
pages = "75--90",
editor = "J. Ioannidis and A. Keromytis and M. Yung",
booktitle = "Lecture Notes in Computer Science",

}

TY - GEN

T1 - N-party encrypted diffie-hellman key exchange using different passwords

AU - Byun, Jin Wook

AU - Lee, Dong Hoon

PY - 2005

Y1 - 2005

KW - Authenticated key exchange

KW - Dictionary attacks

KW - Different password authentication

KW - Encrypted key exchange

KW - N-party authentication

KW - Password

UR - http://www.scopus.com/inward/record.url?scp=26444523527&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=26444523527&partnerID=8YFLogxK

M3 - Conference contribution

VL - 3531

SP - 75

EP - 90

BT - Lecture Notes in Computer Science

A2 - Ioannidis, J.

A2 - Keromytis, A.

A2 - Yung, M.

ER -