Abstract
Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.
| Original language | English |
|---|---|
| Title of host publication | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Publisher | Springer Verlag |
| Pages | 134-146 |
| Number of pages | 13 |
| Volume | 2513 |
| ISBN (Print) | 3540001646 |
| Publication status | Published - 2002 |
| Event | 4th International Conference on Information and Communications Security, ICICS 2002 - Singapore, Singapore Duration: 2002 Dec 9 → 2002 Dec 12 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 2513 |
| ISSN (Print) | 03029743 |
| ISSN (Electronic) | 16113349 |
Other
| Other | 4th International Conference on Information and Communications Security, ICICS 2002 |
|---|---|
| Country | Singapore |
| City | Singapore |
| Period | 02/12/9 → 02/12/12 |
Fingerprint
Keywords
- Cross-realm
- Dictionary attack
- Kerberos
- Key exchange
- Password authentication
ASJC Scopus subject areas
- Computer Science(all)
- Theoretical Computer Science
Cite this
Password-authenticated key exchange between clients with different passwords. / Byun, Jin Wook; Jeong, ik rae; Lee, Dong Hoon; Park, Chang Seop.
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 2513 Springer Verlag, 2002. p. 134-146 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Password-authenticated key exchange between clients with different passwords
AU - Byun, Jin Wook
AU - Jeong, ik rae
AU - Lee, Dong Hoon
AU - Park, Chang Seop
PY - 2002
Y1 - 2002
N2 - Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.
AB - Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.
KW - Cross-realm
KW - Dictionary attack
KW - Kerberos
KW - Key exchange
KW - Password authentication
UR - http://www.scopus.com/inward/record.url?scp=84944063128&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84944063128&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84944063128
SN - 3540001646
VL - 2513
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 134
EP - 146
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PB - Springer Verlag
ER -