Skip to Main content Skip to Navigation
Theses

Advanced password-authenticated key exchanges

Abstract : Authenticated key exchange is probably the most widely deployed asymmetric cryptographic primitive, notably because of its inclusion in the TLS protocol. Its cousin, password-authenticated key exchange — where the authentication is done using a low-entropy password — while having been studied extensively as well has been much less used in practice. It is, however, a primitive much closer to actual authentication when at least one party is human. In this thesis, we consider advanced primitives based on password-authenticated key exchange, with an eye toward practical applications. Specifically, we introduce fuzzy password-authenticated key exchange, where the authentication succeeds as long as the two passwords are close enough, and not necessarily equal. We provide a security model in the UC framework, as well as a construction based on regular password-authenticated key exchanges and robust secret-sharing schemes. Secondly, we consider the practical problem of password leakage when taking into account sessions conducted on a corrupted device. As there is intrinsically no hope with regular password authentication, we extend the BPR security model to consider low-entropy challenge responses instead. We then provide several instantiations, some based on human-compatible function families, where the operation required to answer the challenge are simple enough to be conducted in one’s head, allowing the actual authentication to be directly performed by the human being.
Document type :
Theses
Complete list of metadatas

Cited literature [84 references]  Display  Hide  Download

https://hal.inria.fr/tel-01868828
Contributor : Abes Star :  Contact
Submitted on : Monday, January 13, 2020 - 5:03:11 PM
Last modification on : Thursday, October 29, 2020 - 3:01:42 PM
Long-term archiving on: : Tuesday, April 14, 2020 - 6:27:47 PM

File

Dupont-2018-These.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01868828, version 2

Collections

Citation

Pierre-Alain Dupont. Advanced password-authenticated key exchanges. Cryptography and Security [cs.CR]. Université Paris sciences et lettres, 2018. English. ⟨NNT : 2018PSLEE053⟩. ⟨tel-01868828v2⟩

Share

Metrics

Record views

163

Files downloads

427