Password-Based Authenticated Key Exchange in the Three-Party Setting

Michel Abdalla 1, 2, 3 Pierre-Alain Fouque 2 David Pointcheval 1, 2, 3
1 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : Password-based authenticated key exchange (PAKE) are protocols which are designed to be secure even when the secret key used for authentication is a human-memorable password. In this paper, we consider PAKE protocols in the three-party scenario, in which the users trying to establish a common secret do not share a password between themselves but only with a trusted server. Towards our goal, we recall some of the existing security notions for PAKE protocols and introduce new ones that are more suitable to the case of generic constructions of three-party pro- tocols. We then present a natural generic construction of a three-party PAKE protocol from any two-party PAKE protocol and prove its security. To the best of our knowledge, the new protocol is the first provably-secure PAKE protocol in the three-party setting.
Type de document :
Article dans une revue
IEE Proceedings - Information Security, Institution of Electrical Engineers (IEE), 2006, 153 (1), pp.27-39. 〈10.1049/ip-ifs:20055073〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00918401
Contributeur : Michel Abdalla <>
Soumis le : vendredi 13 décembre 2013 - 14:52:29
Dernière modification le : jeudi 11 janvier 2018 - 06:22:10

Identifiants

Collections

Citation

Michel Abdalla, Pierre-Alain Fouque, David Pointcheval. Password-Based Authenticated Key Exchange in the Three-Party Setting. IEE Proceedings - Information Security, Institution of Electrical Engineers (IEE), 2006, 153 (1), pp.27-39. 〈10.1049/ip-ifs:20055073〉. 〈hal-00918401〉

Partager

Métriques

Consultations de la notice

125