research-article

Evaluation of password encrypted key exchange authentication techniques: design approach perspective: evaluation of PAKE protocol

Authors:

Satyanarayana Vollala,

B. Shameedha Begum,

N. RamasubramanianAuthors Info & Claims

IML '17: Proceedings of the 1st International Conference on Internet of Things and Machine Learning

Article No.: 16, Pages 1 - 9

https://doi.org/10.1145/3109761.3109777

Published: 17 October 2017 Publication History

IML '17: Proceedings of the 1st International Conference on Internet of Things and Machine Learning

Evaluation of password encrypted key exchange authentication techniques: design approach perspective: evaluation of PAKE protocol

Pages 1 - 9

Abstract
References

Abstract

Password Authenticated Key Exchange (PAKE) is an authentication mechanism used to establish a secure connection between communicating parties with a shared password. Since users are accustomed to employing weak passwords to protect their systems, the vulnerability considerably increases. In order to obtain a robust and practical solution against numerous attacks like undetectable online and offline password guessing attacks, trivial attacks, replay attacks and man-in-the-middle attacks, several variants have been proposed over the years. SPOKE (Simple Password Only Key Exchange) Protocol, J-PAKE (Password Authenticated Key Exchange by Juggling) Protocol and Chaos-Based 3PAKE Protocol are some of the novel proposals that trace their roots to the first PAKE protocol introduced by Bellovin and Merrit. In this paper, significant design approaches and modifications implemented in developing PAKE protocols are discussed. Suitable PAKE schemes are identified in regard to applications and communication environment by analyzing the performance and security aspects of these protocols.

References

[1]

Steven M Bellovin and Michael Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In Research in Security and Privacy, 1992. Proceedings., 1992 IEEE Computer Society Symposium on, pages 72--84. IEEE, 1992.

Digital Library

[2]

B Clifford Neuman and Theodore Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications magazine, 32(9):33--38, 1994.

Digital Library

[3]

Refik Molva, Gene Tsudik, Els Van Herreweghen, and Stefano Zatti. Kryptoknight authentication and key distribution system. In European Symposium on Research in Computer Security, pages 155--174. Springer, 1992.

Digital Library

[4]

Michael Steiner, Gene Tsudik, and Michael Waidner. Refinement and extension of encrypted key exchange. ACM SIGOPS Operating Systems Review, 29(3):22--30, 1995.

Digital Library

[5]

Dorothy E Denning and Giovanni Maria Sacco. Timestamps in key distribution protocols. Communications of the ACM, 24(8):533--536, 1981.

Digital Library

[6]

Yun Ding and Patrick Horster. Undetectable on-line password guessing attacks. ACM SIGOPS Operating Systems Review, 29(4):77--86, 1995.

Digital Library

[7]

Chun-Li Lin, Hung-Min Sun, and Tzonelih Hwang. Three-party encrypted key exchange: attacks and a solution. ACM SIGOPS Operating Systems Review, 34(4):12--20, 2000.

Digital Library

[8]

Hung-Min Sun, Bing-Chang Chen, and Tzonelih Hwang. Secure key agreement protocols for three-party against guessing attacks. Journal of Systems and Software, 75(1):63--68, 2005.

Digital Library

[9]

Junghyun Nam, Seungjoo Kim, and Dongho Won. A weakness in sun-chenhwang's three-party key agreement protocols using passwords. IACR Cryptology ePrint Archive, 2004:348, 2004.

[10]

Chun-Li Lin, Hung-Min Sun, Michael Steiner, and Tzonelih Hwang. Three-party encrypted key exchange without server public-keys. IEEE Communications letters, 5(12):497--499, 2001.

[11]

Tian-Fu Lee, Tzonelih Hwang, and Chun-Li Lin. Enhanced three-party encrypted key exchange without server public keys. Computers & Security, 23(7):571--577, 2004.

Digital Library

[12]

Chin-Chen Chang and Ya-Fen Chang. A novel three-party encrypted key exchange protocol. Computer Standards & Interfaces, 26(5):471--476, 2004.

[13]

Eun-Jun Yoon and Kee-Young Yoo. Improving the novel three-party encrypted key exchange protocol. Computer Standards & Interfaces, 30(5):309--314, 2008.

Digital Library

[14]

Hsing-Bai Chen, Tzung-Her Chen, Wei-Bin Lee, and Chin-Chen Chang. Security enhancement for a three-party encrypted key exchange protocol against undetectable on-line password guessing attacks. Computer Standards & Interfaces, 30(1):95--99, 2008.

Digital Library

[15]

Nai-Wei Lo and Kuo-Hui Yeh. Cryptanalysis of two three-party encrypted key exchange protocols. Computer Standards & Interfaces, 31(6):1167--1174, 2009.

Digital Library

[16]

H-A Wen, T-F Lee, and Tzonelih Hwang. Provably secure three-party password-based authenticated key exchange protocol using weil pairing. IEE Proceedings-Communications, 152(2):138--143, 2005.

[17]

Antoine Joux. A one round protocol for tripartite diffie-hellman. Journal of cryptology, 17(4):263--276, 2004.

Digital Library

[18]

Hamed Arshad and Morteza Nikooghadam. An efficient and secure authentication and key agreement scheme for session initiation protocol using ecc. Multimedia Tools and Applications, 75(1):181--197, 2016.

Digital Library

[19]

Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM conference on Computer and communications security, pages 62--73. ACM, 1993.

Digital Library

[20]

Junghyun Nam, Youngsook Lee, Seungjoo Kim, and Dongho Won. Security weakness in a three-party pairing-based protocol for password authenticated key exchange. Information Sciences, 177(6):1364--1375, 2007.

Digital Library

[21]

Rongxing Lu and Zhenfu Cao. Simple three-party key exchange protocol. Computers & Security, 26(1):94--97, 2007.

Digital Library

[22]

Michel Abdalla and David Pointcheval. Simple password-based encrypted key exchange protocols. In Cryptographersfi Track at the RSA Conference, pages 191--208. Springer, 2005.

Digital Library

[23]

Hao-Rung Chung and Wei-Chi Ku. Three weaknesses in a simple three-party key exchange protocol. Information Sciences, 178(1):220--229, 2008.

Digital Library

[24]

Hua Guo, Zhoujun Li, Yi Mu, and Xiyong Zhang. Cryptanalysis of simple three-party key exchange protocol. Computers & Security, 27(1):16--21, 2008.

Digital Library

[25]

Raphael C-W Phan, Wei-Chuen Yau, and Bok-Min Goi. Cryptanalysis of simple three-party key exchange protocol (s-3pake). Information sciences, 178(13):2849--2856, 2008.

Digital Library

[26]

Hong Lai, Jinghua Xiao, Lixiang Li, and Yixian Yang. Applying semigroup property of enhanced chebyshev polynomials to anonymous authentication protocol. Mathematical Problems in Engineering, 2012, 2012.

[27]

Eun-Jun Yoon and Il-Soo Jeon. An efficient and secure diffie-hellman key agreement protocol based on chebyshev chaotic map. Communications in Nonlinear Science and Numerical Simulation, 16(6):2383--2389, 2011.

[28]

Tzung-Her Chen, Wei-Bin Lee, and Hsing-Bai Chen. A round-and computation-efficient three-party authenticated key exchange protocol. Journal of Systems and Software, 81(9):1581--1590, 2008.

Digital Library

[29]

Fengjun Zhao, Peng Gong, Shuai Li, Mingguan Li, and Ping Li. Cryptanalysis and improvement of a three-party key agreement protocol using enhanced chebyshev polynomials. Nonlinear Dynamics, 74(1-2):419--427, 2013.

[30]

Cheng-Chi Lee, Chun-Ta Li, and Che-Wei Hsu. A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dynamics, 73(1-2):125--132, 2013.

[31]

Qi Xie, Jianmin Zhao, and Xiuyuan Yu. Chaotic maps-based three-party password-authenticated key agreement scheme. Nonlinear Dynamics, 74(4):1021--1027, 2013.

[32]

Mohammad Sabzinejad Farash and Mahmoud Ahmadian Attari. An efficient and provably secure three-party password-based authenticated key exchange protocol based on chebyshev chaotic maps. Nonlinear Dynamics, 77(1-2):399--411, 2014.

[33]

Xiong Li, Jianwei Niu, Saru Kumari, Muhammad Khurram Khan, Junguo Liao, and Wei Liang. Design and analysis of a chaotic maps-based three-party authenticated key agreement protocol. Nonlinear Dynamics, 80(3):1209--1220, 2015.

[34]

Michael Burrows, Martin Abadi, and Roger M Needham. A logic of authentication. In Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, volume 426, pages 233--271. The Royal Society, 1989.

Digital Library

[35]

Chien-Ming Chen, Linlin Xu, Tsu-Yang Wu, and Ci-Rong Li. On the security of a chaotic maps-based three-party authenticated key agreement protocol. Journal of Network Intelligence (2), pages 61--65, 2016.

[36]

Feng Hao and Peter Ryan. J-pake: authenticated key exchange without pki. In Transactions on computational science XI, pages 192--206. Springer, 2010.

Digital Library

[37]

Jan Camenisch and Markus Stadler. Proof systems for general statements about discrete logarithms. Technical report, Citeseer, 1997.

[38]

Michel Abdalla, Fabrice Benhamouda, and Philip MacKenzie. Security of the j-pake password-authenticated key exchange protocol. In Security and Privacy (SP), 2015 IEEE Symposium on, pages 571--587. IEEE, 2015.

Digital Library

[39]

Mihir Bellare, David Pointcheval, and Phillip Rogaway. Authenticated key exchange secure against dictionary attacks. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 139--155. Springer, 2000.

Digital Library

[40]

Jean Lancrenon, Marjan Škrobot, and Qiang Tang. Two more efficient variants of the j-pake protocol. In International Conference on Applied Cryptography and Network Security, pages 58--76. Springer, 2016.

[41]

Michel Abdalla, Fabrice Benhamouda, David Pointcheval, et al. Spoke: Simple password-only key exchange in the standard model. IACR Cryptology ePrint Archive, 2014:609, 2014.

[42]

Adam Groce and Jonathan Katz. A new framework for efficient password-based authenticated key exchange. In Proceedings of the 17th ACM conference on Computer and communications security, pages 516--525. ACM, 2010.

Digital Library

[43]

Shaoquan Jiang and Guang Gong. Password based key exchange with mutual authentication. In International Workshop on Selected Areas in Cryptography, pages 267--279. Springer, 2004.

Digital Library

[44]

Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 45--64. Springer, 2002.

Digital Library

[45]

Michel Abdalla. Password-based authenticated key exchange: An overview. In International Conference on Provable Security, pages 1--9. Springer, 2014.

[46]

Jonathan Katz and Vinod Vaikuntanathan. Smooth projective hashing and password-based authenticated key exchange from latices. In International Conference on the Theory and Application of Cryptology and Information Security, pages 636--652. Springer, 2009.

Digital Library

[47]

Victor Boyko, Philip MacKenzie, and Sarvar Patel. Provably secure password-authenticated key exchange using diffie-hellman. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 156--171. Springer, 2000.

Digital Library

[48]

Philip MacKenzie. The pak suite: Protocols for password-authenticated key exchange. Contributions to IEEE P, 1363:2, 2002.

[49]

Jintai Ding, Saed Alsayigh, Jean Lancrenon, RV Saraswathy, and Michael Snook. Provably secure password authenticated key exchange based on rlwe for the post-quantum world. In Cryptographersfi Track at the RSA Conference, pages 183--204. Springer, 2017.

[50]

Ran Caneti, Shai Halevi, Jonathan Katz, Yehuda Lindell, and Phil MacKenzie. Universally composable password-based key exchange. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 404--421. Springer, 2005.

Digital Library

[51]

Mohammad Heydari, S Mohammad Sajad Sadough, Mohammad Sabzinejad Farash, Shehzad Ashraf Chaudhry, and Khalid Mahmood. An efficient password-based authenticated key exchange protocol with provable security for mobile client-client networks. Wireless Personal Communications, 88(2):337--356, 2016.

Digital Library

[52]

Debiao He, Yitao Chen, and Jianhua Chen. An id-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments. Arabian Journal for Science and Engineering, 38(8):2055--2061, 2013.

[53]

Lein Harn. Group authentication. IEEE Transactions on computers, 62(9):1893--1898, 2013.

Digital Library

Cited By

Faiqurahman MSyaifuddin S(2022)Password authenticated key exchange protocol for secure communication channel in modern honey network1ST INTERNATIONAL CONFERENCE ON TECHNOLOGY, INFORMATICS, AND ENGINEERING10.1063/5.0094442(030012)Online publication date: 2022
https://doi.org/10.1063/5.0094442

Index Terms

Evaluation of password encrypted key exchange authentication techniques: design approach perspective: evaluation of PAKE protocol
1. Security and privacy

Recommendations

Simple password-based three-party authenticated key exchange without server public keys

Password-based three-party authenticated key exchange protocols are extremely important to secure communications and are now extensively adopted in network communications. These protocols allow users to communicate securely over public networks simply ...
An undetectable on-line password guessing attack on Nam et al.'s three-party key exchange protocol

Three-party key exchange protocol is one of the most essential cryptographic technique in the secure communication areas. In this protocol, two clients, each shares a human-memorable password, working with a trusted server, can agree a secure session ...
Finding and fixing vulnerabilities in several three-party password authenticated key exchange protocols without server public keys

Three-party password-based authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key with the support from an authenticated server over an insecure channel. Several 3PAKE protocols, which do not require server ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

IML '17: Proceedings of the 1st International Conference on Internet of Things and Machine Learning

October 2017

581 pages

ISBN:9781450352437

DOI:10.1145/3109761

General Chairs:
Hani Hamdan
University of Paris-Saclay, Paris, France
,
Djallel Eddine Boubiche
University of Batna, Algeria
,
Program Chair:
Fanny Klett
German Workforce ADL Partnership Laboratory, Germany

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

IML 2017

IML 2017: International Conference on Internet of Things and Machine Learning

October 17 - 18, 2017

Liverpool, United Kingdom

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
104
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Faiqurahman MSyaifuddin S(2022)Password authenticated key exchange protocol for secure communication channel in modern honey network1ST INTERNATIONAL CONFERENCE ON TECHNOLOGY, INFORMATICS, AND ENGINEERING10.1063/5.0094442(030012)Online publication date: 2022
https://doi.org/10.1063/5.0094442

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten