Skip to main content
SpringerLink
Log in

Cross-Realm Password-Based Server Aided Key Exchange

  • Conference paper
Book cover Information Security Applications (WISA 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6513))

Included in the following conference series:

Abstract

In this paper, we extend password-based server aided key exchange (PSAKE) to the cross-realm setting which two clients in two different realms with different passwords can exchange a session key through their corresponding servers, i.e., there are two servers. We cannot simply apply the previous security model of PSAKE to cross-realm setting because there is the difference between security properties which can be captured in the previous setting and in the new setting. Therefore, we define a new formal security model of cross-realm PSAKE. Our model captures all desirable security requirements, like resistance to leakage of ephemeral private keys, to key-compromise impersonation and to undetectable on-line dictionary attack. Furthermore, we propose a concrete construction of cross-realm PSAKE with the optimal number of rounds for a client, which is secure in the sense of our model. Our scheme assumes no pre-established secure channels between different realms unlike previous schemes, but just authenticated channels between different realms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Steiner, M., Tsudik, G., Waidner, M.: Refinement and Extension of Encrypted Key Exchange. ACM Operating Systems Review 29(3), 22–30 (1995)

    Article  Google Scholar 

  2. Cliff, Y., Tin, Y.S.T., Boyd, C.: Password Based Server Aided Key Exchange. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 146–161. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Yoneyama, K.: Efficient and Strongly Secure Password-Based Server Aided Key Exchange. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 172–184. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  4. Ding, Y., Horster, P.: Undetectable On-line Password Guessing Attacks. Operating Systems Review 29(4), 77–86 (1995)

    Article  Google Scholar 

  5. Lin, C.L., Sun, H.M., Hwang, T.: Three-party Encrypted Key Exchange: Attacks and A Solution. ACM Operating Systems Review 34(4), 12–20 (2000)

    Article  Google Scholar 

  6. Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-Based Authenticated Key Exchange in the Three-Party Setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  7. Abdalla, M., Pointcheval, D.: Interactive Diffie-Hellman Assumptions with Applications to Password-Based Authentication. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 341–356. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Byun, J.W., Jeong, I.R., Lee, D.H., Park, C.S.: Password-Authenticated Key Exchange between Clients with Different Passwords. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 134–146. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  9. Chen, L.: A Weakness of the Password-Authenticated Key Agreement between Clients with Different Passwords Scheme. In: ISO/IEC JTC 1/SC27 N3716 (2003)

    Google Scholar 

  10. Wang, S., Wang, J., Xu, M.: Weaknesses of a Password-Authenticated Key Exchange Protocol between Clients with Different Passwords. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 414–425. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  11. Kim, J., Kim, S., Kwak, J., Won, D.: Cryptanalysis and Improvement of Password Authenticated Key Exchange Scheme between Clients with Different Passwords. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 895–902. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  12. Phan, R.C.W., Goi, B.M.: Cryptanalysis of an Improved Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) Scheme. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 33–39. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and Authenticated Key Exchanges. Des. Codes Cryptography 2(2), 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  14. Byun, J.W., Lee, D.H., Lim, J.: Efficient and Provably Secure Client-to-Client Password-Based Key Exchange Protocol. In: Zhou, X., Li, J., Shen, H.T., Kitsuregawa, M., Zhang, Y. (eds.) APWeb 2006. LNCS, vol. 3841, pp. 830–836. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Phan, R.C.W., Goi, B.M.: Cryptanalysis of Two Provably Secure Cross-Realm C2C-PAKE Protocols. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 104–117. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  16. Yin, Y., Bao, L.: Secure Cross-Realm C2C-PAKE Protocol. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 395–406. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  17. Wang, F., Zhang, Y.: A New Security Model for Cross-Realm C2C-PAKE Protocol. In: Cryptology ePrint Archive: 2007/342 (2007)

    Google Scholar 

  18. Wu, S., Zhu, Y.: Password-Authenticated Key Exchange between Clients in a Cross-Realm Setting. In: Cao, J., Li, M., Wu, M.-Y., Chen, J. (eds.) NPC 2008. LNCS, vol. 5245, pp. 94–104. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  19. Feng, D., Xu, J.: A New Client-to-Client Password-Authenticated Key Agreement Protocol. In: Chee, Y.M., Li, C., Ling, S., Wang, H., Xing, C. (eds.) IWCC 2009. LNCS, vol. 5557, pp. 63–76. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  20. Jin, W., Xu, J.: An Efficient and Provably Secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement Protocol with Smart Cards. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 299–314. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  21. LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  22. Lim, C.H., Lee, P.J.: A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroup. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 249–263. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  23. Dent, A.W.: A survey of certificateless encryption schemes and security models. Int. J. Inf. Sec. 7(5), 349–377 (2008)

    Article  Google Scholar 

  24. Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining Indistinguishability-Based Proof Models for Key Establishment Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585–604. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NTT Information Sharing Platform Laboratories, Japan

    Kazuki Yoneyama

Authors
  1. Kazuki Yoneyama
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer and Information Science, Korea University, Chungnam-do, Korea

    Yongwha Chung

  2. Computer Science Department, Google Inc. and Columbia University, NewYork, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yoneyama, K. (2011). Cross-Realm Password-Based Server Aided Key Exchange. In: Chung, Y., Yung, M. (eds) Information Security Applications. WISA 2010. Lecture Notes in Computer Science, vol 6513. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17955-6_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17955-6_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17954-9

  • Online ISBN: 978-3-642-17955-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation