Skip to main content
Springer Nature Link
Log in

Efficient Augmented Password-Based Encrypted Key Exchange Protocol

  • Conference paper
Mobile Ad-hoc and Sensor Networks (MSN 2006)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4325))

Included in the following conference series:

Abstract

In this paper, we propose an efficient augmented password-based encrypted key exchange protocol based on that of Bellovin and Merritt. The protocol is more efficient than any of the existing augmented encrypted key exchange protocols in the literature we can document and thus is popular in low resource environments. Furthermore, we have proved its security under the assumptions that the hash function closely behaves like a random oracle and that the computational Diffie-Hellman problem is difficult.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: 1992 IEEE Symposium on Security and Privacy, pp. 72–84. IEEE Computer Society Press, Los Alamitos (1992)

    Chapter  Google Scholar 

  2. Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In: ACM Security (CCS 1993), pp. 224–250 (1993)

    Google Scholar 

  3. Gong, L.: Optimal authentication protocols resistant to password guessing attacks. In: 8th IEEE Computer Security Foundations Workshop, pp. 24–29 (1995)

    Google Scholar 

  4. Jablon, D.: Strong password-only authentication key exchange. ACM Computer Communication Review, ACM SIGCOMM 26(5), 5–20 (1996)

    Article  Google Scholar 

  5. Jablon, D.: Extended password key exchange protocols immune to dictionary attack. In: WETICE 1997 Workshop on Enterprise Security (1997)

    Google Scholar 

  6. Lucks, S.: Open key exchange: How to defeat dictPionary attacks without encrypting public keys. In: Proceedings of the Workshop on Security Protocols (1997)

    Google Scholar 

  7. Boyd, C., Montague, P., Nguyen, K.: Elliptic Curve Based Password Authenticated Key Exchange Protocols. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 487–501. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  8. Wong, D.S., Chan, A.H., Zhu, F.: Password Authenticated Key Exchange for Resource-Constrained Wireless Communications (Extended Abstract). ICN (2), 827–834 (2005)

    Google Scholar 

  9. Bellare, M., Rogaway, P.: The AuthA protocol for password-based authenticated key exchange. In: Contributions to IEEE P1363 (March 2000)

    Google Scholar 

  10. Bresson, E., Chevassut, O., Pointcheval, D.: Security proofs for an efficient password-based key exchange. In: ACM CCS 2003. ACM Press, New York (2003)

    Google Scholar 

  11. Bresson, E., Chevassut, O., Pointcheval, D.: New security results on encrypted key exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Kobara, K., Imai, H.: Pretty-simple password-authenticated key-exchange under standard assumptions. IEICE Transactions E85-A(10), 2229–2237 (2002), Also available at: http://eprint.iacr.org/2003/038/

    Google Scholar 

  13. MacKenzie, P.D.: The PAK suite: Protocols for password-authenticated key exchange. Contributions to IEEE P1363.2 (2002)

    Google Scholar 

  14. Abdalla, M., Pointcheval, D.: Simple Password-Based Encrypted Key Exchange Protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  15. Abdalla, M., Chevassut, O., Pointcheval, D.: One-time verifier-based encrypted key exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47–64. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  16. Patel, S.: Number theoretic attacks on secure password schemes. In: Proceedings of IEEE Security and Privacy, pp. 236–247 (1997)

    Google Scholar 

  17. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: 38th Annual Symposium on Foundations of Computer Science, Miami Beach, Florida, October 19-22, 1997, pp. 394–403. IEEE Computer Society Press, Los Alamitos (1997)

    Chapter  Google Scholar 

  18. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  19. Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Networks Engineering, Zhengzhou Information Engineering Institute, Zhengzhou, 450002, China

    Shuhua Wu & Yuefei Zhu

Authors
  1. Shuhua Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuefei Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, Hong Kong Polytechnic University, Kowloon, Hong Kong, China

    Jiannong Cao

  2. SITE, University of Ottawa, Ontario K1N 6N5, Canada and EECE, University of Birmingham, UK

    Ivan Stojmenovic

  3. Department of Computer Science, City University of Hong Kong,  

    Xiaohua Jia

  4. Department of Computer Science and Engineering, University of Texas at Arlington, P.O. Box 19015, 76019, Arlington, TX, USA

    Sajal K. Das

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wu, S., Zhu, Y. (2006). Efficient Augmented Password-Based Encrypted Key Exchange Protocol. In: Cao, J., Stojmenovic, I., Jia, X., Das, S.K. (eds) Mobile Ad-hoc and Sensor Networks. MSN 2006. Lecture Notes in Computer Science, vol 4325. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11943952_45

Download citation

  • DOI: https://doi.org/10.1007/11943952_45

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49932-9

  • Online ISBN: 978-3-540-49933-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics