Abstract
At WISA 2015, Choi et al. [9] proposed an identity-based password-authenticated key exchange (iPAKE) protocol using the Boneh-Franklin IBE scheme. In this paper, we revisit the iPAKE protocol [9] (and its generic construction), which has been standardized in the international standard committee ISO/IEC JTC 1/SC 27. First, we show that the iPAKE protocol is insecure against passive/active attacks by a malicious PKG (Private Key Generator): the malicious PKG can find out all clients' passwords just by eavesdropping on the communications, and it can share a session key with any client by impersonating the server. Then, we propose two strengthened PAKE protocols (SPI and SPI-S) that prevent such passive/active attacks by a malicious PKG. We also discuss the security of the SPI and SPI-S protocols and compare relevant protocols in terms of efficiency and security.
Notes
- 1.
- 2. In other words, the PKG should solve the discrete logarithm between two random generators g and h.
References
1. Research papers on password-based cryptography. http://www.jablon.org/passwordlinks.html. Accessed 8 Aug 2019
2. Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30574-3_14
3. Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS 1993, pp. 62–73. ACM (1993)
4. Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Symposium on Security and Privacy, pp. 72–84. IEEE (1992)
5. Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: CCS 1993, pp. 244–250. ACM (1993)
6. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13
7. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)
8. Boyen, X.: A tapestry of identity-based encryption: practical frameworks compared. Int. J. Appl. Crypt. 1(1), 3–21 (2008)
9. Choi, K.Y., Cho, J., Hwang, J.Y., Kwon, T.: Constructing efficient PAKE protocols from identity-based KEM/DEM. In: Kim, H., Choi, D. (eds.) WISA 2015. LNCS, vol. 9503, pp. 411–422. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31875-2_34
10. Galindo, D., Garcia, F.D.: A Schnorr-like lightweight identity-based signature scheme. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 135–148. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02384-2_9
11. Hwang, J.Y., Kim, S.-H., Choi, D., Jin, S.-H., Song, B.: Robust authenticated key exchange using passwords and identity-based signatures. In: Chen, L., Matsuo, S. (eds.) SSR 2015. LNCS, vol. 9497, pp. 43–69. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27152-1_3
12. ISO/IEC JTC 1/SC 27: Information security, cybersecurity and privacy protection. https://www.iso.org/committee/45306.html. Accessed 8 Aug 2019
13. Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 456–486. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_15
14. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography, pp. 617–618. CRC Press (1996)
15. Straus, E.G.: Addition chains of vectors. Am. Math. Mon. 71(7), 806–808 (1964)
16. Yi, X., Tso, R., Okamoto, E.: Identity-based password-authenticated key exchange for client/server model. In: SECRYPT 2012, pp. 45–54. Science and Technology Publications (2012)
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Shin, S. (2020). Strengthened PAKE Protocols Secure Against Malicious Private Key Generator. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science, vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_15
DOI: https://doi.org/10.1007/978-3-030-39303-8_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39302-1
Online ISBN: 978-3-030-39303-8
eBook Packages: Computer Science, Computer Science (R0)