Password-authenticated key exchange between clients with different passwords

Jin Wook Byun; ik rae Jeong; Dong Hoon Lee; Chang Seop Park

Password-authenticated key exchange between clients with different passwords

Jin Wook Byun, ik rae Jeong, Dong Hoon Lee, Chang Seop Park

Graduate School of Information Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

86 Citations (Scopus)

Abstract

Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.

Original language	English
Title of host publication	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publisher	Springer Verlag
Pages	134-146
Number of pages	13
Volume	2513
ISBN (Print)	3540001646
Publication status	Published - 2002
Event	4th International Conference on Information and Communications Security, ICICS 2002 - Singapore, Singapore Duration: 2002 Dec 9 → 2002 Dec 12

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2513
ISSN (Print)	03029743
ISSN (Electronic)	16113349

Other

Other	4th International Conference on Information and Communications Security, ICICS 2002
Country	Singapore
City	Singapore
Period	02/12/9 → 02/12/12

Fingerprint

Keywords

Cross-realm
Dictionary attack
Kerberos
Key exchange
Password authentication

ASJC Scopus subject areas

Computer Science(all)
Theoretical Computer Science

Cite this

Byun, J. W., Jeong, I. R., Lee, D. H., & Park, C. S. (2002). Password-authenticated key exchange between clients with different passwords. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2513, pp. 134-146). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513). Springer Verlag.

Password-authenticated key exchange between clients with different passwords. / Byun, Jin Wook; Jeong, ik rae ; Lee, Dong Hoon; Park, Chang Seop.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 2513 Springer Verlag, 2002. p. 134-146 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 2513).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Byun, JW, Jeong, IR , Lee, DH & Park, CS 2002, Password-authenticated key exchange between clients with different passwords. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 2513, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2513, Springer Verlag, pp. 134-146, 4th International Conference on Information and Communications Security, ICICS 2002, Singapore, Singapore, 02/12/9.

Byun JW, Jeong IR , Lee DH, Park CS. Password-authenticated key exchange between clients with different passwords. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 2513. Springer Verlag. 2002. p. 134-146. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Byun, Jin Wook ; Jeong, ik rae ; Lee, Dong Hoon ; Park, Chang Seop. / Password-authenticated key exchange between clients with different passwords. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 2513 Springer Verlag, 2002. pp. 134-146 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{34dff4f464fc4283a55247db64ea87c4,

title = "Password-authenticated key exchange between clients with different passwords",

abstract = "Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.",

keywords = "Cross-realm, Dictionary attack, Kerberos, Key exchange, Password authentication",

author = "Byun, {Jin Wook} and Jeong, {ik rae} and Lee, {Dong Hoon} and Park, {Chang Seop}",

year = "2002",

language = "English",

isbn = "3540001646",

volume = "2513",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "134--146",

booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

note = "4th International Conference on Information and Communications Security, ICICS 2002 ; Conference date: 09-12-2002 Through 12-12-2002",

}

TY - GEN

T1 - Password-authenticated key exchange between clients with different passwords

AU - Byun, Jin Wook

AU - Jeong, ik rae

AU - Lee, Dong Hoon

AU - Park, Chang Seop

PY - 2002

Y1 - 2002

N2 - Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.

AB - Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modern communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2CPAKE). Security notions and types of possible attacks are newly defined according to the new framework. We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.

KW - Cross-realm

KW - Dictionary attack

KW - Kerberos

KW - Key exchange

KW - Password authentication

UR - http://www.scopus.com/inward/record.url?scp=84944063128&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944063128&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84944063128

SN - 3540001646

VL - 2513

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 134

EP - 146

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

PB - Springer Verlag

T2 - 4th International Conference on Information and Communications Security, ICICS 2002

Y2 - 9 December 2002 through 12 December 2002

ER -

Password-authenticated key exchange between clients with different passwords

Abstract

Publication series

Other

Fingerprint

Keywords

ASJC Scopus subject areas

Cite this

Access to Document