Efficient and provably secure client-to-client password-based key exchange protocol

Jin Wook Byun; Dong Hoon Lee; Jong In Lim

doi:10.1007/11610113_81

Efficient and provably secure client-to-client password-based key exchange protocol

Jin Wook Byun, Dong Hoon Lee, Jong In Lim

School of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

24 Citations (Scopus)

Abstract

We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

Original language	English
Title of host publication	Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings
Pages	830-836
Number of pages	7
DOIs	https://doi.org/10.1007/11610113_81
Publication status	Published - 2006
Event	8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development - Harbin, China Duration: 2006 Jan 16 → 2006 Jan 18

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	3841 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Other

Other	8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development
Country/Territory	China
City	Harbin
Period	06/1/16 → 06/1/18

Keywords

Authenticated key exchange
Dictionary attacks
Different password authentication
Human memorable password
Mobile computing

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/11610113_81

Cite this

Byun, J. W., Lee, D. H., & Lim, J. I. (2006). Efficient and provably secure client-to-client password-based key exchange protocol. In Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings (pp. 830-836). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3841 LNCS). https://doi.org/10.1007/11610113_81

Efficient and provably secure client-to-client password-based key exchange protocol. / Byun, Jin Wook; Lee, Dong Hoon ; Lim, Jong In.
Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings. 2006. p. 830-836 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3841 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Byun, JW, Lee, DH & Lim, JI 2006, Efficient and provably secure client-to-client password-based key exchange protocol. in Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3841 LNCS, pp. 830-836, 8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development, Harbin, China, 06/1/16. https://doi.org/10.1007/11610113_81

Byun JW, Lee DH , Lim JI. Efficient and provably secure client-to-client password-based key exchange protocol. In Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings. 2006. p. 830-836. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/11610113_81

Byun, Jin Wook ; Lee, Dong Hoon ; Lim, Jong In. / Efficient and provably secure client-to-client password-based key exchange protocol. Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings. 2006. pp. 830-836 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{b2461e4fe8fe45d9b54118701224f5a0,

title = "Efficient and provably secure client-to-client password-based key exchange protocol",

abstract = "We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.",

keywords = "Authenticated key exchange, Dictionary attacks, Different password authentication, Human memorable password, Mobile computing",

author = "Byun, {Jin Wook} and Lee, {Dong Hoon} and Lim, {Jong In}",

year = "2006",

doi = "10.1007/11610113_81",

language = "English",

isbn = "3540311424",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "830--836",

booktitle = "Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings",

note = "8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development ; Conference date: 16-01-2006 Through 18-01-2006",

}

TY - GEN

T1 - Efficient and provably secure client-to-client password-based key exchange protocol

AU - Byun, Jin Wook

AU - Lee, Dong Hoon

AU - Lim, Jong In

PY - 2006

Y1 - 2006

N2 - We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

AB - We study client-to-client password-authenticated key exchange (C2C-PAKE) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented C2C-PAKE schemes under the cross-realm setting. However, the schemes were not formally treated, and subsequently found to be flawed. In addition, in the schemes, there are still rooms for improvements both in computational and communicational aspects. In this paper we suggest an efficient C2C-PAKE (EC2C-PAKE) protocol, and prove that EC2C-PAKE protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.

KW - Authenticated key exchange

KW - Dictionary attacks

KW - Different password authentication

KW - Human memorable password

KW - Mobile computing

UR - http://www.scopus.com/inward/record.url?scp=33745677007&partnerID=8YFLogxK

U2 - 10.1007/11610113_81

DO - 10.1007/11610113_81

M3 - Conference contribution

AN - SCOPUS:33745677007

SN - 3540311424

SN - 9783540311423

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 830

EP - 836

BT - Frontiers of WWW Research and Development - APWeb 2006 - 8th Asia-Pacific Web Conference, Proceedings

T2 - 8th Asia-Pacific Web Conference, APWeb 2006: Frontiers of WWW Research and Development

Y2 - 16 January 2006 through 18 January 2006

ER -

Efficient and provably secure client-to-client password-based key exchange protocol

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this