Abstract
At Asiacrypt 2003, Shin et al., have proposed a new authenticated key exchange (AKE) protocol named Leakage-Resilient AKE (for short, LR-AKE) [13]. The authenticity of LR-AKE is based on a user’s (relatively short) password and his/her stored secrets in both client side and server side. In their LR-AKE protocol, neither PKI (Public Key Infrastructures) nor TRM (Tamper Resistant Modules) is required and leakage of the stored secrets from any side does not reveal any critical information on the password.
As main contributions of this paper, we propose a simplified LR-AKE (LR-AKE) protocol that is more efficient rather than [13]: about 100% decrease in computation costs (excluding some negligible costs) in the initialization phase and about 96% reduction in memory size on client’s and servers’ devices where the memory size is optimal. That makes the LR-AKE protocol applicable for many applications, because password-based AKE protocols have been motivated by the very practical implementations.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellovin, S.M., Merritt, M.: Encrypted Key Exchange: Password-based Protocols Secure against Dictioinary Attacks. In: Proc. of IEEE Symposium on Security and Privacy, pp. 72–84 (1992)
Blakley, G.R.: Safeguarding Cryptographic Keys. In: Proc. of National Computer Conference 1979 (AFIPS), vol. 48, pp. 313–317 (1979)
Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
Frier, A., Karlton, P., Kocher, P.: The SSL 3.0 Protocol. Netscape Communications Corp. (1996), http://wp.netscape.com/eng/ssl3/
IEEE P1363. IEEE Standard Specifications for Public Key Cryptography. IEEE, November 12 (1999), http://grouper.ieee.org/groups/1363/P1363/index.html
IEEE P1363.2. Standard Specifications for Password-based Public Key Cryptographic Techniques. Draft version 18, November 15 (2004)
IETF (Internet Engineering Task Force). Secure Shell (secsh) Charter, http://www.ietf.org/html.charters/secsh-charter.html
IETF (Internet Engineering Task Force). Transport Layer Security (tls) Charter, http://www.ietf.org/html.charters/tls-charter.html
Menezes, A.J., Oorschot, P.C., Vanstone, S.A.: Simultaneous Multiple Exponentiation. In: Handbook of Applied Cryptography, pp. 617–619. CRC Press, Boca Raton (1997)
Naor, M., Yung, M.: Universal One-Way Hash Functions and Their Cryptographic Applications. In: Proc. of STOC 1989, pp. 33–43 (1989)
Phoenix Technologies Inc., Research Papers on Strong Password Authentication, available at http://www.jablon.org/passwordlinks.html
Shamir, A.: How to Share a Secret. Proc. of Communications of the ACM 22(11), 612–613 (1979)
Shin, S.H., Kobara, K., Imai, H.: Leakage-Resilient Authenticated Key Establishment Protocols. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 155–172. Springer, Heidelberg (2003)
The full version of this paper will appear
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shin, S., Kobara, K., Imai, H. (2005). A Simplified Leakage-Resilient Authenticated Key Exchange Protocol with Optimal Memory Size. In: Lorenz, P., Dini, P. (eds) Networking - ICN 2005. ICN 2005. Lecture Notes in Computer Science, vol 3421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31957-3_107
Download citation
DOI: https://doi.org/10.1007/978-3-540-31957-3_107
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25338-9
Online ISBN: 978-3-540-31957-3
eBook Packages: Computer ScienceComputer Science (R0)