Anonymous and Transparent Gateway-based Password-Authenticated Key Exchange

Michel Abdalla 1, 2 Malika Izabachène 1, 2 David Pointcheval 1, 2
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : In Asiacrypt 2005, Abdalla et al. put forward the notion of gateway-based password- authenticated key exchange (GPAKE) protocol, which allows clients and gateways to establish a common session key with the help of an authentication server. In addition to the semantic security of the session key, their solution also provided additional security properties such as password pro- tection with respect to malicious gateways and key privacy with respect to curious authentication servers. In this paper, we further pursue this line of research and present a new and stronger se- curity model for GPAKE schemes, combining all above-mentioned security properties. In addition to allowing a security proof for all these security properties, the new security model has also other advantages over the previous one such as taking into account user corruptions. After describing the new security model, we then present a new variant of the GPAKE scheme of Abdalla et al. with similar efficiency. Like the original scheme, the new scheme is also transparent in that it does not differ significantly from a classical 2-PAKE scheme from the point of view of a client. Finally, we also show how to add client anonymity with respect to the server to the basic GPAKE scheme by using private information retrieval protocols.
Type de document :
Communication dans un congrès
M. Franklin and L. Hui and D. Wong. The 7th International Workshop on Cryptology and Network Security (CANS '08), 2008, Hong-Kong, China. Springer-Verlag, Berlin, 5339, pp.133--148, 2008, Lecture notes in computer science
Liste complète des métadonnées

https://hal.inria.fr/inria-00419150
Contributeur : David Pointcheval <>
Soumis le : mardi 22 septembre 2009 - 16:22:10
Dernière modification le : vendredi 25 mai 2018 - 12:02:05
Document(s) archivé(s) le : mardi 15 juin 2010 - 22:10:14

Fichier

2008_cans.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00419150, version 1

Collections

Citation

Michel Abdalla, Malika Izabachène, David Pointcheval. Anonymous and Transparent Gateway-based Password-Authenticated Key Exchange. M. Franklin and L. Hui and D. Wong. The 7th International Workshop on Cryptology and Network Security (CANS '08), 2008, Hong-Kong, China. Springer-Verlag, Berlin, 5339, pp.133--148, 2008, Lecture notes in computer science. 〈inria-00419150〉

Partager

Métriques

Consultations de la notice

221

Téléchargements de fichiers

185