Browse > Article
http://dx.doi.org/10.13089/JKIISC.2004.14.5.23

Split Password-Based Authenticated Key Exchange  

류종호 (순천향대학교)
염흥열 (순천향대학교)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.14, no.5, 2004 , pp. 23-36 More about this Journal
Abstract
This paper presents a password based authentication and key exchange protocol which can be used for both authenticating users and exchanging session keys for a subsequent secure communication over an untrusted network. Our idea is to increase a randomness of the password verification data, i.e., we split the password, and then amplify the split passwords in the high entropy-structured password verification data. And in order to prevent the verifier-compromised attack, we construct our system such that the password verification data is encrypted with the verifier's key and the private key of verifier used to encrypt it is stored in a secure place like a smart cards. Also we propose the distributed password authentication scheme utilizing many authentication servers in order to prevent the server-compromised attack occurred when only one server is used. Furthermore, the security analysis on the proposed protocol has been presented as a conclusion.
Keywords
Password; Authentication; DLP; Threshold scheme;
Citations & Related Records
연도 인용수 순위
  • Reference
1 T. Kwon, 'Ultimate Solution to Authentication via Memorable Password,' IEEE P1363.2 Working Group, Available at http://grouper .ieee.org/groups/1363/passwdPK/submissions.html#amp(2000)
2 Xunhua Wang, 'Intrusion Tolerant Password-Enabled PKI,' Proceedings of 2nd annual PKI Research Workshop, Available at http://middleware.internet2.edu/pki03/PKI03-proceedings. html (2002)
3 D. Chaum and T. Pedersen, 'Wallet databases with observer,' Advances in Cryptology-CRYPTO'92, LNCS 740, pp, 89-105 (1992)
4 T. Wu, 'Secure remote password protocol,' Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pp. 97-111(1998)
5 M. Bellare, D. Pointcheval. and P. Rogaway, 'Authenticated Key Exchange Secure Against Dictionary Attack,' Advances in Cryptology-EUROCRYPT '2000, LNCS 1807, pp. 139-155 (2000)
6 R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin, 'Robust Threshold DSS Signatures,' Advances in Cryptology-EUROCRYPT' 96, LNCS 1070, pp. 354-371 (1996)
7 P. MacKenzie and R. Swaminathan, 'Secure Network Authentication with Password Identification,' Presented to IEEE P1363.2, Available at http://grouper.ieee.org/groups/1363/passwdPK/contributions.html#MS (1999)
8 T. Kwon, 'Addendum to Summary of AMP,' IEEE P1363.2 Working Group, Available at http://grouper.ieee.org/groups/1363/passwdPK/contributions/ampsummary2.pdf (2003)
9 S. Bellovin and M. Merritt, 'Encryted key exchange: password-based protocols secure against dictionary attacks,' Proceedings of IEEE Comp. Society Symp. on Research in Security and Privacy, pp. 72-84 (1992)
10 M. Bellare and P. Rogaway, 'The AuthA protocol for password-based authenticated key exchange,' IEEE P1363.2 Working Group, Available at http://grouper. ieee.org/groups/1363/passwdPK/conributi ons.html#autha (2000)
11 이정현, 김현정, 이동훈, '다중서버를 이용한 인증된 키교환 프로토콜,' 정보보호학회논문지 13권 1호, pp. 87-98 (2003)
12 A. Menezes, P. van Oorschot, S. Vanston 'Handbook of applied cryptography,' CRC Press, Inc., pp 618 (1997)
13 T. Kwon, 'Refinement and Improvement of Virtual Software Token Protocols,' IEEE Communications Letters, Vol. 8, No.1. pp. 75-77 (2004)   DOI   ScienceOn
14 W. Ford and B. Kaliski, 'Server-Assisted Generation of a Strong Secret from a Password,' IEEE P1363.2 Working Group, Available at http://grouper. ieee. org/groups/1363/passwdPK/ contributions,html#FK00 (2000)
15 Y. Hwang. D. Yum, and P. Lee. 'EPA: An efficient password-based protocol for authenticated key exchange,' Information Security and Privacy. 8th Australasian Conference, ACISP'2003, LNCS 2727, pp. 324-335 (2003)
16 V. Boyko, P. MacKenzie. and S. Patel, 'Provably Secure Password Authenticated Key Exchange Using Diffie-Hellman.' Advances in Cryptology-EUROCRYFT' 2000, LNCS 1807, pp. 156-171 (2000)
17 T. Kwon, 'Authentication and key agreement via memorable passwords,' In Proceedings of the ISOC Network and Distributed System Security (NDSS) Symposium (2001)
18 S. Blake-Wilson, A. Menezes, 'Authenticated Diffie-Hellman Key Agreement Protocols,' Selected Areas in Cryptography' 98-SAC'98, LNCS 1556. pp, 339-361 (1998)
19 R. Gennaro, Michael O. Rabin, and T. Rabin, 'Simplified VSS and Fasttrack Multiparty Computations with Application to Threshold Cryptography,' Proceedings of the Seventeenth Annual ACM Symposium on Principles of Distributed Computing-PODC'98. pp, 101-111 (1998)
20 D. Boneh, 'The decision Diffie-Hellman problem,' Algorithmic Number Theory, Third International Symposium-ANTS- III, LNCS 1423, pp. 48-63(1998)
21 Ho-Sun Yoon, Heung-Youl Youm, 'A New Approach to Efficient Verifiable Secret Sharing for Threshold KCDSA,' Information Security and Cryptology-ICISC' 99, LNCS 1787, pp, 208-220 (1999)
22 Ueli Maurer and Stefan Wolf. 'Diffie-Hellman, Decision Diffie-Hellman, and Discrete Logarithms,' Proceedings of IEEE International Symposium on Information Theory Society-ISIT' 1998, pp. 327 (1998)
23 P. MacKenzie, T. Shrimpton, and M. Jakobsson, 'Threshold Password-Authenticated Key Exchange,' Advances in Cryptology-CRYPTO'2002, LNCS 2442, pp. 369-384 (2002)   DOI