Skip to Main content Skip to Navigation
Conference papers

Universally Composable Relaxed Password Authenticated Key Exchange

Abstract : Protocols for password authenticated key exchange (PAKE) allow two parties who share only a weak password to agree on a cryptographic key. We revisit the notion of PAKE in the universal composabil-ity (UC) framework, and propose a relaxation of the PAKE functionality of Canetti et al. that we call lazy-extraction PAKE (lePAKE). Our relaxation allows the ideal-world adversary to postpone its password guess until after a session is complete. We argue that this relaxed notion still provides meaningful security in the password-only setting. As our main result, we show that several PAKE protocols that were previously only proven secure with respect to a "game-based" definition of security can be shown to UC-realize the lePAKE functionality in the random-oracle model. These include SPEKE, SPAKE2, and TBPEKE, the most efficient PAKE schemes currently known.
Document type :
Conference papers
Complete list of metadata

Cited literature [46 references]  Display  Hide  Download

https://hal.inria.fr/hal-02948678
Contributor : Michel Abdalla Connect in order to contact the contributor
Submitted on : Thursday, November 12, 2020 - 4:27:29 PM
Last modification on : Friday, October 15, 2021 - 1:41:22 PM
Long-term archiving on: : Saturday, February 13, 2021 - 8:03:06 PM

File

main.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Michel Abdalla, Manuel Barbosa, Tatiana Bradley, Stanisław Jarecki, Jonathan Katz, et al.. Universally Composable Relaxed Password Authenticated Key Exchange. CRYPTO 2020 - 40th Annual International Cryptology Conference, Aug 2020, Santa Barbara / Virtual, United States. pp.278-307, ⟨10.1007/978-3-030-56784-2_10⟩. ⟨hal-02948678⟩

Share

Metrics

Record views

263

Files downloads

270