A New Anonymous Password-Based Authenticated Key Exchange Protocol

Yang, Jing; Zhang, Zhenfeng

doi:10.1007/978-3-540-89754-5_16

Jing Yang^4,5 &
Zhenfeng Zhang^4,5

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5365))

Included in the following conference series:

International Conference on Cryptology in India

1512 Accesses
24 Citations

Abstract

In Indocrypt 2005 Viet et al. first proposed an anonymous password-based key exchange protocol: APAKE and its extension: k-out-of-n APAKE. Then Shin et al. presented an improved protocol TAP. In this paper, we first show that the TAP protocol is vulnerable to two attacks. One is an impersonating attack and the other is an off-line dictionary attack, which is also applied to k-out-of-n APAKE. Furthermore, we propose a novel anonymous password-based key exchange protocol, and prove its security in the random oracle model under the square computational Diffie-Hellman assumption and decision inverted-additive Diffie-Hellman assumption. We also extend our protocol to the distributed setting, which is secure against the proposed attacks.

The work is supported by National Natural Science Foundation of China (90604018, 60873261), National Basic Research Program (973) of China (2007CB311202), National High-Tech R&D Program (863) of China (2006AA01Z454), and National Key Technologies R&D Program of China (2006BAH02A02).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Abdalla, M., Pointcheval, D.: Simple Password-Based Encrypted Key Exchange Protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191–208. Springer, Heidelberg (2005)
Chapter Google Scholar
Abdalla, M., Pointcheval, D.: Interactive Diffie-Hellman Assumptions with Applications to Password-based Authentication. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 341–356. Springer, Heidelberg (2005)
Chapter Google Scholar
Abdalla, M., et al.: Provably secure password-based authentication in TLS. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 35–45. ACM Press, New York (2006)
Google Scholar
Bao, F., Deng, H.R., Zhu, H.F.: Variations of Diffie-Hellman Problem. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 301–312. Springer, Heidelberg (2003)
Chapter Google Scholar
Bresson, E., Chevassut, O., Pointcheval, D.: Security Proofs for an Efficient Password-Based Key Exchange. In: Proceedings of the 10th ACM Conference on Computer and Communications Security 2003, pp. 241–250. ACM Press, New York (2003)
Google Scholar
Bresson, E., Chevassut, O., Pointcheval, D.: New Security Results on Encrypted Key Exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)
Chapter Google Scholar
Boyd, C., Mathuria, A.: Protocols for authentication and key establishment. Springer, Heidelberg (2003)
Book MATH Google Scholar
Chai, Z.C., Cao, Z.F., Lu, R.X.: Efficient Password-Based Authentication and Key Exchange Scheme Preserving User Privacy. In: Cheng, X., Li, W., Znati, T. (eds.) WASA 2006. LNCS, vol. 4138, pp. 467–477. Springer, Heidelberg (2006)
Chapter Google Scholar
MacKenzie, P.: On the Security of the SPEKE Password-authenticated Key Exchange Protocol. In: IACR ePrint archive, http://eprint.iacr.org/2001/057/
Shin, S., Kobara, K., Imai, H.: A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 444–458. Springer, Heidelberg (2007)
Chapter Google Scholar
Tzeng, W.G.: Efficient 1-Out-n Oblivious Transfer Schemes. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 159–171. Springer, Heidelberg (2002)
Chapter Google Scholar
Viet, D.Q., Yamamura, A., Hidema, T.: Anonymous Password-Based Authenticated Key Exchange. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 244–257. Springer, Heidelberg (2005)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, 100190, China
Jing Yang & Zhenfeng Zhang
National Engineering Research Center of Information Security, Beijing, 100190, China
Jing Yang & Zhenfeng Zhang

Authors

Jing Yang
View author publications
You can also search for this author in PubMed Google Scholar
Zhenfeng Zhang
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dept. of Computer Science and Engineering, Indian Institute of Technology, 721 302, Kharagpur, India
Dipanwita Roy Chowdhury
K.U. Leuven, ESAT/COSIC Kasteelpark, Arenberg 10, B-3001, Leuven-Heverlee, Belgium
Vincent Rijmen
Department of Computer Science and Engineering, Indian Institute of Technology, 721 302, Kharagpur, India
Abhijit Das

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Yang, J., Zhang, Z. (2008). A New Anonymous Password-Based Authenticated Key Exchange Protocol. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds) Progress in Cryptology - INDOCRYPT 2008. INDOCRYPT 2008. Lecture Notes in Computer Science, vol 5365. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89754-5_16

Download citation

DOI: https://doi.org/10.1007/978-3-540-89754-5_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89753-8
Online ISBN: 978-3-540-89754-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics