Skip to main content
Springer Nature Link
Log in

Computationally-Efficient Password Authenticated Key Exchange Based on Quadratic Residues

  • Conference paper
Progress in Cryptology – INDOCRYPT 2007 (INDOCRYPT 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4859))

Included in the following conference series:

Abstract

In this paper, we present a computationally efficient password authenticated key exchange protocol based on quadratic residues. The protocol, called QR-CEKE, is derived from the protocol QR-EKE, a previously published password authenticated key exchange protocol based on quadratic residues. The computational time for the client, however, is significant reduced in the protocol QR-CEKE. In comparison with QR-EKE, the protocol QR-CEKE is more suitable to an imbalanced computing environment where a low-end client device communicates with a powerful server over a broadband network. Based on number-theoretic techniques, we show that the computationally efficient password authenticated key exchange protocol is secure against residue attacks, a special type of off-line dictionary attack against password-authenticated key exchange protocols based on factorization. We also provide a formal security analysis of QR-CEKE under the factoring assumption and the random oracle model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bao, F.: Security analysis of a password authenticated key exchange protocol. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 208–217. Springer, Heidelberg (2003)

    Google Scholar 

  2. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  3. Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Bellovin, S.M., Merritt, M. (eds.) Proc. of the IEEE Symposium on Research in Security and Privacy, Oakland, pp. 72–84 (May 1992)

    Google Scholar 

  4. Catalano, D., Pointcheval, D., Pornin, T.: IPAKE: Isomorphisms for Password-based Authenticated Key Exchange. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, Springer, Heidelberg (to appear, 2004)

    Google Scholar 

  5. Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRPYT 2003. LNCS, vol. 2656, pp. 524–542. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  6. Jablon, D.: http://www.integritysciences.com

  7. Lucks, S.: Open key exchange: How to defeat dictionary attacks without encrypting public keys. In: Christianson, B., Lomas, M. (eds.) Proc. Security Protocol Workshop. LNCS, vol. 1361, pp. 79–90. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  8. MacKenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 599–613. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  9. Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  10. Patel, S.: Number theoretic attacks on secure password schemes. In: IEEE Symposium on Security and Privacy, Oakland, California (May 5-7, 1997)

    Google Scholar 

  11. Zhu, F., Wong, D., Chan, A., Ye, R.: RSA-based password authenticated key exchange for imbalanced wireless networks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 150–161. Springer, Heidelberg (2002)

    Google Scholar 

  12. Zhang, M.: New approaches to password authenticated key exchange based on RSA. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 230–244. Springer, Heidelberg (2004)

    Google Scholar 

  13. Zhang, M.: Password Authenticated Key exchange using quadratic residues. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 248–262. Springer, Heidelberg (2004)

    Google Scholar 

  14. Zhang, M.: Further analysis of password authenticated key exchange protocol based on RSA for imbalanced wireless networks. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 12–24. Springer, Heidelberg (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Verizon Communications Inc., 40 Sylvan Road, Waltham, MA 02451, USA

    Muxiang Zhang

Authors
  1. Muxiang Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

K. Srinathan C. Pandu Rangan Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, M. (2007). Computationally-Efficient Password Authenticated Key Exchange Based on Quadratic Residues. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77026-8_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77025-1

  • Online ISBN: 978-3-540-77026-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics