Authenticated Key Exchange Secure against Dictionary Attacks

@article{Bellare2000AuthenticatedKE,
  title={Authenticated Key Exchange Secure against Dictionary Attacks},
  author={Mihir Bellare and David Pointcheval and Phillip Rogaway},
  journal={IACR Cryptol. ePrint Arch.},
  year={2000},
  volume={2000},
  pages={14}
}
Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. [...] Key Method The one model can be used to define various goals. We take AKE (with "implicit" authentication) as the "basic" goal, and we give definitions for it, and for entity-authentication goals as well. Then we prove correctness for the idea at the center of the Encrypted Key-Exchange (EKE…Expand
Forward Secrecy in Password-Only Key Exchange Protocols
TLDR
This paper presents a natural definition of security which incorporates the more challenging requirement of forward secrecy and provides the first natural example showing that forward secrecy is a strictly stronger requirement for PAKE protocols. Expand
Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman
TLDR
This work presents a new protocol called PAK, which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. Expand
Efficient and secure authenticated key exchange using weak passwords
TLDR
The authors' is the first protocol for password-only authentication that is both practical and provably-secure using standard cryptographic assumptions, and is remarkably efficient, requiring computation only 4 times greater than “classical” Diffie-Hellman key exchange that provides no authentication at all. Expand
Password-authenticated key exchange based on RSA
TLDR
This paper examines how to design a secure password-authenticated key exchange protocol based on RSA and presents an augmented protocol that is resilient to server compromise, meaning (informally) that an attacker who compromises a server would not be able to impersonate a client, at least not without running an offline dictionary attack against that client’s password. Expand
Password-Authenticated Key Exchange Based on RSA
TLDR
It is shown how to modify the OKE protocol to obtain a password-authenticated key exchange protocol that can be proven secure (in the random oracle model), and the resulting protocol is very practical; the basic protocol requires about the same amount of computation as the Diffie-Hellman-based protocols or the well-known ssh protocol. Expand
Provably secure threshold password-authenticated key exchange
TLDR
These are the first protocols which are provably secure in the standard model (i.e., no random oracles are used for the proof of security) and are reasonably efficient and implementable in practice. Expand
Provably Secure Threshold Password-Authenticated Key Exchange
TLDR
This work presents two protocols for threshold password authenticated key exchange, the first protocols which are provably secure in the standard model (i.e. no random oracles are used for the proof of security). Expand
Provably Secure Threshold Password-Authenticated Key Exchange Extended Abstract
TLDR
These are the first protocols which are provably secure in the standard model (i.e. no random oracles are used for the proof of security) and are reasonably efficient and implementable in practice. Expand
Password-based authenticated key exchange protocols
  • Su Yuanyuan, Liu Wengang
  • Computer Science
  • 2010 3rd International Conference on Advanced Computer Theory and Engineering(ICACTE)
  • 2010
TLDR
Existing PAKE definition is extended to a new one so that improved model can give an adversary more power to break the protocols, and it is shown that the model can not well captued more realistic attacks in practice. Expand
A new framework for efficient password-based authenticated key exchange
TLDR
This work abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model, that is secure within the universal composability (UC) framework and is more efficient than a previous protocol of Canetti et al. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 26 REFERENCES
Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman
TLDR
This work presents a new protocol called PAK, which is the first Diffie-Hellman-based password-authenticated key exchange protocol to provide a formal proof of security (in the random oracle model) against both passive and active adversaries. Expand
Public-key cryptography and password protocols
TLDR
This work presents and analyze several simple password authentication protocols, and shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions, and introduces the notion of public passwords that enables the use of the above protocols in situations where the client's machine does not have the means to validate the server's public key. Expand
Strong password-only authenticated key exchange
A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channelExpand
Extended password key exchange protocols immune to dictionary attack
  • David P. Jablon
  • Computer Science
  • Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
  • 1997
TLDR
A new extension to further limit exposure to theft of a stored password-verifier is described, and it is applied to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Expand
The Secure Remote Password Protocol
TLDR
This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and has significantly improved performance over comparably strong extended methods that resist stolen-veri er attacks such as Augmented EKE or B-SPEKE. Expand
Public-key cryptography and password protocols: the multi-user case
TLDR
This work shows the inadequacy of both the HK formalization and protocol in the case where there is more than a single user, and proposes a new definition of security for the multi-user case, expressed in terms of transcripts of the entire system, rather than individual protocol executions. Expand
Encrypted key exchange: password-based protocols secure against dictionary attacks
  • S. Bellovin, Michael Merritt
  • Computer Science
  • Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1992
TLDR
A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. Expand
Secure password-based cipher suite for TLS
TLDR
This work proposes the integration of a password-based key-exchange protocol (DH-EKE) in the TLS protocol, the standardization of SSL by IETF, and the resulting protocol provides secure mutual authentication and key establishment over an insecure channel. Expand
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise
TLDR
Two ways to accomplish EKE augmented so that hosts do not store cleartext passwords are shown, one using digital signatures and one that relies on a family of commutative one-way functions. Expand
A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract)
TLDR
This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication and key exchange protocols and construct and prove the security of simple and practical Authentication and key-exchange protocols. Expand
...
1
2
3
...