Efficient and provably secure client-to-client password-based key exchange protocol

Jin Wook Byun, Dong Hoon Lee, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

24 Citations (Scopus)

Abstract

We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

Original languageEnglish
Title of host publicationFrontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings
Pages830-836
Number of pages7
DOIs
Publication statusPublished - 2006
Event8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development - Harbin, China
Duration: 2006 Jan 162006 Jan 18

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3841 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development
Country/TerritoryChina
CityHarbin
Period06/1/1606/1/18

Keywords

  • Authenticated key exchange
  • Dictionary attacks
  • Different password authentication
  • Human memorable password
  • Mobile computing

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Efficient and provably secure client-to-client password-based key exchange protocol'. Together they form a unique fingerprint.

Cite this