Abstract
We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N-1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients' distinct passwords have been suggested. In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.
| Original language | English |
|---|---|
| Title of host publication | Lecture Notes in Computer Science |
| Editors | J. Ioannidis, A. Keromytis, M. Yung |
| Pages | 75-90 |
| Number of pages | 16 |
| Volume | 3531 |
| Publication status | Published - 2005 |
| Event | Third International Conference on Applied Cryptography and Network Security, ACNS 2005 - New York, NY, United States Duration: 2005 Jun 7 → 2005 Jun 10 |
Other
| Other | Third International Conference on Applied Cryptography and Network Security, ACNS 2005 |
|---|---|
| Country | United States |
| City | New York, NY |
| Period | 05/6/7 → 05/6/10 |
Fingerprint
Keywords
- Authenticated key exchange
- Dictionary attacks
- Different password authentication
- Encrypted key exchange
- N-party authentication
- Password
ASJC Scopus subject areas
- Computer Science (miscellaneous)
Cite this
N-party encrypted diffie-hellman key exchange using different passwords. / Byun, Jin Wook; Lee, Dong Hoon.
Lecture Notes in Computer Science. ed. / J. Ioannidis; A. Keromytis; M. Yung. Vol. 3531 2005. p. 75-90.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - N-party encrypted diffie-hellman key exchange using different passwords
AU - Byun, Jin Wook
AU - Lee, Dong Hoon
PY - 2005
Y1 - 2005
N2 - We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N-1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients' distinct passwords have been suggested. In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.
AB - We consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N-1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an authenticated key exchange using a shared password between a client and a server. With a rapid change in modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. To achieve this end-to-end security, only a few schemes of three-party setting have been presented where two clients exchange a key using their own passwords with the help of a server. However, up until now, no formally treated and round efficient protocols which enable group members to generate a common session key with clients' distinct passwords have been suggested. In this paper we securely and efficiently extend three-party case to N-party case with a formal proof of security. Two provably secure N-party EKE protocols are suggested; N-party EKE-U in the unicast network and N-party EKE-M in the multicast network. The proposed N-party EKE-M is provable secure and provides forward secrecy. Especially, the scheme is of constant-round, hence scalable and practical.
KW - Authenticated key exchange
KW - Dictionary attacks
KW - Different password authentication
KW - Encrypted key exchange
KW - N-party authentication
KW - Password
UR - http://www.scopus.com/inward/record.url?scp=26444523527&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=26444523527&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:26444523527
VL - 3531
SP - 75
EP - 90
BT - Lecture Notes in Computer Science
A2 - Ioannidis, J.
A2 - Keromytis, A.
A2 - Yung, M.
ER -