Skip to main content
SpringerLink
Log in

EAP Using the Split Password-Based Authenticated Key Agreement

  • Conference paper
Book cover Information Security Applications (WISA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4298))

Included in the following conference series:

  • 498 Accesses

Abstract

EAP (Extensible Authentication Protocol) provides authentication for each entity based on IEEE Std 802.1x wireless Local Area Networks and RADIUS/DIAMETER protocol and uses authentication certificates, passwords, and dual schemes (e.g., password and token). A password-based authentication scheme for authorized key exchange is a widely used user authentication scheme because it is easy to memorize, convenient, and portable. A specific hardware device is also unnecessary. This paper discusses user authentication via public networks and proposes the Split Password-based Authenticated Key Exchange (SPAKE), which is ideal for session key exchange when using secure encoded telecommunications. A secure EAP authentication framework, EAP-SPAKE, is also suggested.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Carlson, J., Aboba, B., Haverinen, H.: EAP SRP-SHA1 Authentication Protocol. IETF Network Working Group <draft-ietf-pppext-eap-srp-03.txt> (2001)

    Google Scholar 

  2. Funk, P., Blake-Wilson, S.: EAP Tunneled TLS Authentication Protocol. IETF PPPEXT Working Group <draft-ietf-pppext-eap-ttls-02.txt> (2002)

    Google Scholar 

  3. Menezes, A., van Oorschot, P., Vanston, S.: Handbook of applied cryptography, p. 618. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  4. Lee, S., Han, K., Kang, S.-k., Kim, K., Ine, S.: Threshold Password-Based Authentication Using Bilinear Pairings. In: Katsikas, S.K., Gritzalis, S., Lopez, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 350–363. Springer, Heidelberg (2004)

    Google Scholar 

  5. Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  6. Kwon, T.: Ultimate Solution to Authentication via Memorable Password. IEEE P1363.2 Working Group (2000)

    Google Scholar 

  7. Kwon, T.: Authentication and key agreement via memorable passwords. In: Proceedings of the ISOC Network and Distributed System Security (NDSS) (2001)

    Google Scholar 

  8. Hwang, Y., Yum, D., Lee, P.: EPA: An efficient password-based protocol for authenticated key exchange. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 324–335. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Kwon, T.: Addendum to Summary of AMP. IEEE P1363.2 Working Group (2003)

    Google Scholar 

  10. Bellovin, S., Merritt, M.: Encryted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of IEEE Comp. Society Symp. on Research in Security and Privacy, pp. 72–84. IEEE Computer Society Press, Los Alamitos (1992)

    Chapter  Google Scholar 

  11. Wu, T.: Secure remote password protocol. In: Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pp. 97–111 (1998)

    Google Scholar 

  12. Bellare, M., Rogaway, P.: The AuthA protocolfor password-based authenticated key exchange. IEEE P1363.2 Working Group (2000)

    Google Scholar 

  13. MacKenzie, P., Shrimpton, T., Jakobsson, M.: Threshold Password Authenticated Key Exchange. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 369–384. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  14. Wang, X.: Intrusion Tolerant Password-Enabled PKI. In: Proceedings of 2nd annual PKI Research Workshop (2002)

    Google Scholar 

  15. Kwon, T.: Refinement and Improvement of Virtual Software Token Protocols. IEEE Communications Letters 8(1), 75–77 (2004)

    Article  Google Scholar 

  16. Ford, W., Kaliski, B.: Server-Assisted Generation of a Strong Secret from a Password. IEEE P1363.2 Working Group (2000)

    Google Scholar 

  17. Kim, J.H., Radharkrishnan, S., Jang, J.S.: Cost Optimization in SIS model of Worm Infection. ETRIJ 28(5), 692–695 (2006)

    Google Scholar 

  18. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure Against Dictionary Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  19. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman Key Agreement Protocols. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 339–361. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  20. Maurer, U., Wolf, S.: Diffie-Hellman, Decision Diffie-Hellman, and Discrete Logarithms. In: Proceedings of IEEE International Symposium on Information Theory Society, p. 327. IEEE Computer Society Press, Los Alamitos (1998)

    Google Scholar 

  21. Boneh, D.: The decision Diffie-Hellman problem. In: Buhler, J.P. (ed.) Algorithmic Number Theory. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  22. Denning, D., Sacco, G.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1981)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Electronics and Telecommunications Research Institude, Daejeon-si, Korea

    Jongho Ryu

Authors
  1. Jongho Ryu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Jae Kwang Lee Okyeon Yi Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Ryu, J. (2007). EAP Using the Split Password-Based Authenticated Key Agreement. In: Lee, J.K., Yi, O., Yung, M. (eds) Information Security Applications. WISA 2006. Lecture Notes in Computer Science, vol 4298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71093-6_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-71093-6_28

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71092-9

  • Online ISBN: 978-3-540-71093-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation