Threshold password-authenticated key exchange

Journal of Cryptology

Volumn 19, Issue 1, 2006, Pages 27-66

  MacKenzie, Philip ^a,d   Shrimpton, Thomas ^b   Jakobsson, Markus ^c  

^a LUCENT TECHNOLOGIES   (United States)

^b Portland State University   (United States)

^c INDIANA UNIVERSITY   (United States)

^d DOCOMO USA LABS   (United States)

Author keywords

Dictionary attack; Key exchange; Password authentication; Threshold cryptosystems

Indexed keywords

DICTIONARY ATTACK; KEY EXCHANGE; PASSWORD AUTHENTICATION; THRESHOLD CRYPTOSYSTEMS;

COMPUTER CRIME; COMPUTER PROGRAMMING LANGUAGES; DECISION THEORY; GLOSSARIES; MATHEMATICAL MODELS; SERVERS; USER INTERFACES;

PUBLIC KEY CRYPTOGRAPHY;

EID: 29644437598     PISSN: 09332790     EISSN: 14321378     Source Type: Journal    
DOI: 10.1007/s00145-005-0232-5     Document Type: Article

References (38)

1. M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In Proceedings of EUROCRYPT 2000 (LNCS 1807), pp. 139-155, 2000.
2. M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security, pages 62-73, November 1993.
3. M. Bellare and P. Rogaway. Entity authentication and key distribution. In Proceedings of CRYPTO '93 (LNCS 773), pp. 232-249, 1993.
4. M. Bellare and P. Rogaway. Provably secure session key distribution - the three party case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, pp. 57-66, 1995.
5. S. M. Bellovin and M. Merritt. Encrypted key exchange: password-based protocols secure against dictionary attacks. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 72-84, 1992.
6. S. M. Bellovin and M. Merritt. Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In Proceedings of the ACM Conference on Computer and Communications Security, pp. 244-250, 1993.
7. M. Blum, P. Feldman, and S. Micali. Non-interactive zero-knowledge and its applications. In Proceedings of the 20th ACM Symposium on the Theory of Computing, pp. 103-112, 1988.
8. D. Boneh. The decision Diffie-Hellman problem. In Proceedings of the Third Algorithmic Number Theory Symposium (LNCS 1423), pp. 48-63, 1998.
9. C. Boyd. Digital multisignatures. In H. J. Beker and F. C. Piper, editors, Cryptography and Coding, pages 241-246. Clarendon Press, Oxford, 1986.
10. V. Boyko, P. MacKenzie, and S. Patel. Provably secure password authentication and key exchange using Diffie-Hellman. In Proceedings of EUROCRYPT 2000 (LNCS 1807), pp. 156-171, 2000.
11. R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. In Proceedings of the 30th ACM Symposium on the Theory of Computing, pp. 209-218, 1998.
12. R. Canetti, Y. Lindell, R. Ostrovsky, and A. Sahai. Universally composable two-party computation. In Proceedings of the 34th ACM Symposium on the Theory of Computing, pp. 209-218, 2002.
13. R. Cramer, I. Damgard, and B. Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In Advances in Ciyptology - CRYPTO '94 (LNCS 839), pp. 174-187, 1994.
14. A. De Santis, G. Di Crescenzo, R. Ostrovsky, G. Persiano, and A. Sahai. Robust non-interactive zero knowledge. In Proceedings of CRYPTO 2001 (LNCS 2139), pp. 566-598, 2001.
15. Y. Desmedt and Y. Frankel. Threshold cryptosystems. In Proceedings of CRYPTO '89 (LNCS 435), pp. 307-315, 1989.
16. T. Dierks and C. Allen. The TLS protocol, version 1.0. IETF RFC 2246, January 1999.
17. W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644-654, 1976.
18. M. Di Raimondo and R. Gennaro. Provably secure threshold password-authenticated key exchange. In Proceedings of EUROCRYPT '03 (LNCS 2656), pp. 507-523, 2003. Final version available: http://www.marioland.it/ papers/tpassword.pdf.
19. T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithm. IEEE Transactions on Information Theory, 31:469-472, 1985.
20. P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In Proceedings of the 28th IEEE Symposium on Foundations of Computer Science, pp. 427-437, 1987
21. A. Fiat and A. Shamir. How to prove yourself: practical solutions to identification and signature problems. In Proceedings of CRYPTO '86, pp. 186-194, 1986.
22. W. Ford and B. S. Kaliski, Jr. Server-assisted generation of a strong secret from a password. In Proceedings of the 5th IEEE International Workshop on Enterprise Security, 2000.
23. Y. Frankel, P. MacKenzie, and M. Yung. Adaptively-secure distributed threshold public key systems. In Proceedings of the European Symposium on Algorithms (LNCS 1643), pp. 4-27, 1999.
24. R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Robust threshold DSS signatures. In Proceedings of EUROCRYPT '96 (LNCS 1070), pp. 354-371, 1996.
25. R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. The (in)security of distributed key generation in dlog-based cryptosystems. In Proceedings of EUROCRYPT '99 (LNCS 1592), pp. 295-310, 1999.
26. O. Goldreich and Y. Lindell. Session-key generation using human passwords only. In Proceedings of CRYPTO 2001 (LNCS 2139), pp. 408-32, 2001.
27. O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game - a completeness theorem for protocols with honest majority. In Proceedings of the 19th ACM Symposium on the Theory of Computing, pp. 218-229, 1987.
28. S. Halevi and H. Krawczyk. Public-key cryptography and password protocols. ACM Transactions on Information and Systems Security, 2(3):230-268, 1999.
29. A. Herzberg, M. Jakobsson, S. Jarecki, H. Krawczyk, and M. Yung. Proactive public-key and signature schemes. In Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 100-110, 1996.
30. A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing, or: How to cope with perpetual leakage, In Advances in Cryptology - CRYPTO '95 (LNCS 963), pp. 339-352, 1995.
31. D. Jablon. Strong password-only authenticated key exchange. ACM Computer Communication Review, ACM SIGCOMM, 26(5):5-20, 1996.
32. D. Jablon. Password authentication using multiple servers. In Proceedings of the RSA Conference 2001, Cryptographers' Track (LNCS 2020), pp. 344-360, 2001.
33. J. Katz, R. Ostrovsky, and M. Yung. Efficient password-authenticated key exchange using human-memorable passwords. In Proceedings of EUROCRYPT 2001 (LNCS 2045), pp. 475-494, 2001.
34. P. MacKenzie, S. Patel, and R. Swaminathan. Password authenticated key exchange based on RSA. In Proceedings of ASIACRYPT 2000 (LNCS 1976), pp. 599-613, 2000.
35. M. Naor and M. Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In Proceedings of the 22nd ACM Symposium on the Theory of Computing, pp. 427-437, 1990.
36. A. Sahai. Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In Proceedings of the 40th IEEE Foundations of Computer Science, pp. 543-553, 1999.
37. SSH communications security, http://www.ssh.fi, 2001.
38. T. Wu. The secure remote password protocol. In Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pp. 97-111, 1998.