Skip to main content
SpringerLink
Log in

Strengthened PAKE Protocols Secure Against Malicious Private Key Generator

  • Conference paper
  • First Online:
Information Security Applications (WISA 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11897))

Included in the following conference series:

Abstract

At WISA 2015, Choi et al. [9] proposed an identity-based password-authenticated key exchange (iPAKE) protocol using the Boneh-Franklin IBE scheme. In this paper, we revisit the iPAKE protocol [9] (and its generic construction) that has been standardized in the international standard committee ISO/IEC JTC 1/SC 27. First, we show that the iPAKE protocol is insecure against passive/active attacks by a malicious PKG (Private Key Generator) where the malicious PKG can find out all clients’ passwords by just eavesdropping the communications, and the PKG can share a session key with any client by impersonating the server. Then, we propose two strengthened PAKE (SPI and SPI-S) protocols that prevents such malicious PKG’s passive/active attacks. Also, we discuss security of the SPI and SPI-S protocols, and compare relevant protocols in terms of efficiency and security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    According to the ISO/IEC JTC 1/SC 27 meeting, these protocols [9, 11] already became Korean key management standard in 2015, and have been applied to various applications (e.g. retails, smart home, payment).

  2. 2.

    In other words, the PKG should solve the discrete logarithm between two random generators g and h.

References

  1. Research papers on password-based cryptography. http://www.jablon.org/passwordlinks.html. Accessed 8 Aug 2019

  2. Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_14

    Chapter  Google Scholar 

  3. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS 1993, pp. 62–73. ACM (1993)

    Google Scholar 

  4. Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Symposium on Security and Privacy, pp. 72–84. IEEE (1992)

    Google Scholar 

  5. Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: CCS 1993, pp. 244–250. ACM (1993)

    Google Scholar 

  6. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  7. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)

    Article  MathSciNet  Google Scholar 

  8. Boyen, X.: A tapestry of identity-based encryption: practical frameworks compared. Int. J. Appl. Crypt. 1(1), 3–21 (2008)

    Article  MathSciNet  Google Scholar 

  9. Choi, K.Y., Cho, J., Hwang, J.Y., Kwon, T.: Constructing efficient PAKE protocols from identity-based KEM/DEM. In: Kim, H., Choi, D. (eds.) WISA 2015. LNCS, vol. 9503, pp. 411–422. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31875-2_34

    Chapter  Google Scholar 

  10. Galindo, D., Garcia, F.D.: A schnorr-like lightweight identity-based signature scheme. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 135–148. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02384-2_9

    Chapter  Google Scholar 

  11. Hwang, J.Y., Kim, S.-H., Choi, D., Jin, S.-H., Song, B.: Robust authenticated key exchange using passwords and identity-based signatures. In: Chen, L., Matsuo, S. (eds.) SSR 2015. LNCS, vol. 9497, pp. 43–69. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27152-1_3

    Chapter  Google Scholar 

  12. ISO/IEC JTC 1/SC 27: Information security, cybersecurity and privacy protection. https://www.iso.org/committee/45306.html. Accessed 8 Aug 2019

  13. Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 456–486. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_15

    Chapter  Google Scholar 

  14. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography, pp. 617–618. CRC Press (1996)

    Google Scholar 

  15. Straus, E.G.: Addition chains of vectors. Am. Math. Mon. 71(7), 806–808 (1964)

    Google Scholar 

  16. Yi, X., Tso, R., Okamoto, E.: Identity-based password-authenticated key exchange for client/server model. In: SECRYPT 2012, pp. 45–54. Science and Technology Publications (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Institute of Advanced Industrial Science and Technology (AIST), 2-4-7 Aomi, Koto-ku, Tokyo, 135-0064, Japan

    SeongHan Shin

Authors
  1. SeongHan Shin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to SeongHan Shin .

Editor information

Editors and Affiliations

  1. Soonchunhyang University, Asan, Korea (Republic of)

    Ilsun You

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Shin, S. (2020). Strengthened PAKE Protocols Secure Against Malicious Private Key Generator. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science(), vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-39303-8_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-39302-1

  • Online ISBN: 978-3-030-39303-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation