Abstract
EAP (Extensible Authentication Protocol) provides authentication for each entity based on IEEE Std 802.1x wireless Local Area Networks and RADIUS/DIAMETER protocol and uses authentication certificates, passwords, and dual schemes (e.g., password and token). A password-based authentication scheme for authorized key exchange is a widely used user authentication scheme because it is easy to memorize, convenient, and portable. A specific hardware device is also unnecessary. This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for session key exchange when using secure encoded telecommunications. A secure EAP authentication framework, EAP-SPAKE, is also suggested.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Carlson, J., Aboba, B., Haverinen, H.: EAP SRP-SHA1 Authentication Protocol. IETF Network Working Group <draft-ietf-pppext-eap-srp-03.txt> (2001)
Funk, P., Blake-Wilson, S.: EAP Tunneled TLS Authentication Protocol. IETF PPPEXT Working Group <draft-ietf-pppext-eap-ttls-02.txt> (2002)
Menezes, A., van Oorschot, P., Vanston, S.: Handbook of applied cryptography, p. 618. CRC Press, Boca Raton (1997)
Lee, S., Han, K., Kang, S.-k., Kim, K., Ine, S.: Threshold Password-Based Authentication Using Bilinear Pairings. In: Katsikas, S.K., Gritzalis, S., Lopez, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 350–363. Springer, Heidelberg (2004)
Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)
Kwon, T.: Ultimate Solution to Authentication via Memorable Password. IEEE P1363.2 Working Group (2000)
Kwon, T.: Authentication and key agreement via memorable passwords. In: Proceedings of the ISOC Network and Distributed System Security (NDSS) (2001)
Hwang, Y., Yum, D., Lee, P.: EPA: An efficient password-based protocol for authenticated key exchange. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 324–335. Springer, Heidelberg (2003)
Kwon, T.: Addendum to Summary of AMP. IEEE P1363.2 Working Group (2003)
Bellovin, S., Merritt, M.: Encryted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of IEEE Comp. Society Symp. on Research in Security and Privacy, pp. 72–84. IEEE Computer Society Press, Los Alamitos (1992)
Wu, T.: Secure remote password protocol. In: Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)
Bellare, M., Rogaway, P.: The AuthA protocolfor password-based authenticated key exchange. IEEE P1363.2 Working Group (2000)
MacKenzie, P., Shrimpton, T., Jakobsson, M.: Threshold Password Authenticated Key Exchange. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 369–384. Springer, Heidelberg (2002)
Wang, X.: Intrusion Tolerant Password-Enabled PKI. In: Proceedings of 2nd annual PKI Research Workshop (2002)
Kwon, T.: Refinement and Improvement of Virtual Software Token Protocols. IEEE Communications Letters 8(1), 75–77 (2004)
Ford, W., Kaliski, B.: Server-Assisted Generation of a Strong Secret from a Password. IEEE P1363.2 Working Group (2000)
Kim, J.H., Radharkrishnan, S., Jang, J.S.: Cost Optimization in SIS model of Worm Infection. ETRIJ 28(5), 692–695 (2006)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure Against Dictionary Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman Key Agreement Protocols. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 339–361. Springer, Heidelberg (1999)
Maurer, U., Wolf, S.: Diffie-Hellman, Decision Diffie-Hellman, and Discrete Logarithms. In: Proceedings of IEEE International Symposium on Information Theory Society, p. 327. IEEE Computer Society Press, Los Alamitos (1998)
Boneh, D.: The decision Diffie-Hellman problem. In: Buhler, J.P. (ed.) Algorithmic Number Theory. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)
Denning, D., Sacco, G.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Ryu, J. (2007). EAP Using the Split Password-Based Authenticated Key Agreement. In: Lee, J.K., Yi, O., Yung, M. (eds) Information Security Applications. WISA 2006. Lecture Notes in Computer Science, vol 4298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71093-6_28
Download citation
DOI: https://doi.org/10.1007/978-3-540-71093-6_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71092-9
Online ISBN: 978-3-540-71093-6
eBook Packages: Computer ScienceComputer Science (R0)