Browse > Article
http://dx.doi.org/10.13089/JKIISC.2003.13.1.27

Password-Authenticated Key Exchange between Clients with Different Passwords  

변지욱 (고려대학교 정보보호기술연구센터(CIST))
정익래 (고려대학교 정보보호기술연구센터(CIST))
이동훈 (고려대학교 정보보호기술연구센터(CIST))
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.13, no.1, 2003 , pp. 27-38 More about this Journal
Abstract
Most password-authenticated key exchange schemes in the literature provide an authenticated key exchange between a client and a server based on a pre-shared password. With a rapid change in modem communication environments, it is necessary to construct a secure end-to-end channel between clients, which is a quite different paradigm from the existing ones. In this paper we propose a new framework which provides a password-authenticated ky exchange between clients based only on their two different Passwords without my Pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange(C2C-PAKE). Security notions and types of possible attacks are newly defined according to the new framework We prove our scheme is secure against all types of attacks considered in the paper. Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-sorrel setting.
Keywords
서로다른 패스워드 인증;인증 된 키 교환;다중 영역 인증;Kerberos 시스템;사전 공격;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Secure Remote Password Protocol /
[ T. Wu ] / Proceedings of the Internet Society Network and Distributed System Security Symposium
2 Provably Secure Password-Authentica ted Key Exchange Using Diffie-Hellman /
[ V. Boyko;P. MacKenzie;S. Patel ] / Eurocrypt'00, LNCS
3 Efficient kerberized multicast in a practical distributed setting /
[ G. D. Crescenzo;O. Kornievskaia ] / ISC'01, LNCS
4 Encrypted key exchange:password based protocols secure against dictionary attacks /
[ S. Bellovin;M. Merrit ] / Proceedings of the Symposium on Security and Privacy
5 Key establishment protocols for secure mobile communications : A selective survey /
[ C. Boyd;A. Mathuria ] / ACISP'98, LNCS
6 Session-Key Generation Using Human Passwords Only /
[ O. Goldreich;Y. Lindell ] / Crypto'01, LNCS
7 Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords /
[ J. Katz;R. Ostrovsky;M. Yung ] / Eurocrypt'01, LNCS
8 Pulbic key cryptography for cross-realm authentication in kerberos /
[ M. Hur;B. Tung;T. Ryutov;C. Neuman;A. Medvinsky;G. Tsudik;B. Sommerfeld ] / Internet draft
9 A Real-World Analysis of Kerberos Password Security /
[ T. Wu ] / Proceedings of the Internet Society Network and Distributed System Security Symposium
10 On the Design of Security protocols for Mobile Communications /
[ V. Varadharajan;Y. Mu ] / Proceedings of Twelfth Annual Computer Security Applications Conference
11 Dual-workfactor encrypted key exchange: Efficiency preventing password chaining attacks /
[ B. Jaspan ] / Proceedings of the sixth annual USENIX security conference
12 Authenticated key exchange secure against dictionary attacks /
[ M. Bellare;D. Pointcheval;P. Rogaway ] / Eurocrypt'00, LNCS
13 Kerberos Authentication and Authorization System /
[ S. P. Miller;B. C. Neuman;J. I. Schiller;J. H.Saltzer ] / Project Athena Technical Plan
14 Open key exchange: How to defeat dictionary attacks without encryting public keys /
[ S. Lucks ] / The security Protocol Workshop '97
15 Refinement and extension of encrypted key exchange /
[ M. Steiner;G. Tsudik;M. Waider ] / ACM Operation Sys. Review   ScienceOn
16 Timestamps in key distribution protocols /
[ D. Denning;G. Sacco ] / Communications of the ACM