Corpus ID: 2475833

Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions

@article{Benhamouda2013VerifierBasedPK,
  title={Verifier-Based Password-Authenticated Key Exchange: New Models and Constructions},
  author={Fabrice Benhamouda and David Pointcheval},
  journal={IACR Cryptol. ePrint Arch.},
  year={2013},
  volume={2013},
  pages={833}
}
While password-authenticated key exchange (or PAKE) protocols have been deeply studied, a server corruption remains the main threat, with many concrete cases nowadays. Verifier-based PAKE (or VPAKE) protocols, initially called Augmented-PAKE, have been proposed to limit the impact of any leakage. However, no satisfactory security model has ever been proposed to quantify the actual security of a protocol in the standard model. The unique model proposed so far is an ideal functionality in the…
A Provably-Secure and Efficient Verifier-Based Anonymous Password-Authenticated Key Exchange Protocol
TLDR
This paper proposes a novel verifier-based anonymous password-authenticated key exchange (VAPAKE) protocol constructed using a smooth projective hashing function and proves the security of the protocol in the standard model.
A Verifier-Based Password-Authenticated Key Exchange Using Tamper-Proof Hardware
TLDR
This paper transforms the Katz–Vaikuntanathan one-round PAKE into a two-round VPAKE so as to instill resilience to server compromises, and provides a formal definition of VPAKE using tamper-proof hardware and a security proof without random oracles.
VTBPEKE: Verifier-based Two-Basis Password Exponential Key Exchange
TLDR
An asymmetric variant of TBPEKE, also known as VPAKE, for Verifier-based Password Authenticated Key Exchange is studied, which is also quite efficient, and resistant to server-compromise.
Verifier-based anonymous password-authenticated key exchange protocol in the standard model.
TLDR
A verifier-based anonymous password-authenticated key exchange protocol, in which the server holds a verifier corresponding to each client instead of the clear password, which is proved secure in the standard model.
Separating Standard and Asymmetric Password-Authenticated Key Exchange
  • Julia Hesse
  • Computer Science
  • IACR Cryptol. ePrint Arch.
  • 2019
TLDR
It is proved that a strong assumption like a programmable random oracle is necessary to achieve security of asymmetric PAKE in the Universal Composability (UC) framework, and it is demonstrated that reliance on a programmable random oracle hinders construction of multi-party aPAKE protocols from 2-party protocols via UC composition.
Strong Asymmetric PAKE based on Trapdoor CKEM
TLDR
Recently, Jarecki, Krawczyk, and Xu formalized a Universally Composable strong aPAKE (saPAKE) that requires the password hash to be salted so that the dictionary attack can only start after the server compromise leaks the salt and the salted hash.
Password-Based Authenticated Key Exchange Based on Signcryption for the Internet of Things
TLDR
A new paradigm of designing PAKE protocols using a signcryption scheme, which not only formally fulfills all security requirements but also is able to provide outstanding computational efficiency over some patented protocols, which target the two-party setting, such as EKE, J-PAKE, and SRP.
Round-Reduced Modular Construction of Asymmetric Password-Authenticated Key Exchange
TLDR
Encrypted PAKE literature addresses the password-only setting, without assuming certified public keys, but it commonly does not address the asymmetric PAKE setting which is required for client-to-server authentication.
OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-Computation Attacks
TLDR
Asymmetric PAKE (aPAKE) strengthens this notion for the more common client-server setting where the server stores a mapping of the password and security is required even upon server compromise, that is, the only allowed attack in this case is an (inevitable) offline exhaustive dictionary attack against individual user passwords.
Zero-Knowledge Password Policy Checks and Verifier-Based PAKE
TLDR
A reversible mapping of ASCII characters to integers that can be used to preserve the structure of the password string and a new randomized password hashing scheme for ASCII-based passwords are introduced.

References

SHOWING 1-10 OF 31 REFERENCES
A new framework for efficient password-based authenticated key exchange
TLDR
This work abstracts and generalizes a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model, that is secure within the universal composability (UC) framework and is more efficient than a previous protocol of Canetti et al.
Authenticated Key Exchange Secure against Dictionary Attacks
TLDR
Correctness for the idea at the center of the Encrypted Key-Exchange protocol of Bellovin and Merritt is proved: security is proved, in an ideal-cipher model, for the two-flow protocol at the core of EKE.
A Framework for Password-Based Authenticated Key Exchange
TLDR
This paper presents a general framework for password-based authenticated key exchange protocols, in the common reference string model, based on the recently introduced notion of smooth projective hashing by Cramer and Shoup, and obtains a modular protocol that can be described using just three high-level cryptographic tools.
Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords
TLDR
This work shows an efficient, 3-round, password-authenticated key exchange protocol with human-memorable passwords which is provably secure under the Decisional Diffie-Hellman assumption, yet requires only (roughly) 8 times more computation than "standard" Diffie-Hellman key exchange (which provides no authentication at all).
Password-Based Authenticated Key Exchange in the Three-Party Setting
TLDR
The authors present a natural generic construction of a 3-party PAKE protocol from any 2-party PAKE protocol and prove its security, which is the first provably secure PAKE protocol in the 3-party setting.
Zero-Knowledge Password Policy Checks and Verifier-Based PAKE
TLDR
A reversible mapping of ASCII characters to integers that can be used to preserve the structure of the password string and a new randomized password hashing scheme for ASCII-based passwords are introduced.
Security proofs for an efficient password-based key exchange
TLDR
The analysis of very efficient schemes that have been proposed to the IEEE P1363 Standard working group on password-based authenticated key-exchange methods shows that the AuthA protocol and its multiple modes of operations are provably secure under the computational Diffie-Hellman intractability assumption.
A Method for Making Password-Based Key Exchange Resilient to Server Compromise
TLDR
Security in the universal composability framework is proved by defining a new functionality for PAKE with resilience to server compromise, specifying a protocol combining this technique with a (basic) PAKE functionality, and proving that this protocol securely realizes the new functionality.
New Techniques for SPHFs and Efficient One-Round PAKE Protocols
TLDR
This paper presents the first concrete one-round PAKE protocols, where the two players just have to send simultaneous flows to each other, at the cost of simulation-sound non-interactive zero-knowledge proofs.
Simple Password-Based Encrypted Key Exchange Protocols
TLDR
This paper presents two simple password-based encrypted key exchange protocols based on that of Bellovin and Merritt, and one of them is more suitable to scenarios in which the password is shared across several servers, while the other enjoys better security properties.