Password authenticated key exchange using hidden smooth subgroups

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2005, Pages 299-309

  Gentry, Craig ^a   Mackenzie, Philip ^a   Ramzan, Zulfikar ^a  

^a DOCOMO USA LABS   (United States)

Author keywords

Authentication; Cryptography; Key exchange; Password

Indexed keywords

COPYRIGHTS; NETWORK PROTOCOLS; PROBLEM SOLVING; SERVERS;

AUTHENTICATION; KEY EXCHANGE; PASSWORD;

PUBLIC KEY CRYPTOGRAPHY;

EID: 33745793866     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1102120.1102160     Document Type: Conference Paper

References (48)

1. M. Abdalla and D. Pointcheval. Simple password-based encrypted key exchange protocols. In Proc. of CT-RSA 2005, LNCS 3376, pp. 191-208. Springer, 2005.
2. M. Bellare, D. Pointcheval and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In Proc. of Eurocrypt 2000, LNCS 1807, pp. 139-155. Springer, 2000.
3. M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In Proc. of ACM CCS 1993, pp. 62-73. ACM, 1993.
4. M. Bellare and P. Rogaway. Entity authentication and key distribution. In Proc. of Crypto 1993, LNCS 773, pp. 232-249. Springer, 1994.
5. M. Bellare and P. Rogaway. Provably secure session key distribution: the three party case. In Proc. of STOC 1995, pp. 57-66. ACM, 1995.
6. S. M. Bellovin and M. Merritt. Encrypted key exchange: password-based protocols secure against dictionary attacks. In IEEE Symposium on Research in Security and Privacy, pp. 72-84. IEEE, 1992.
7. S. M. Bellovin and M. Merritt. Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In ACM CCS 1993, pp. 244-250. ACM, 1993.
8. D. Boneh. The decision Diffie-Hellman problem. In Proc. of ANTS-III, LNCS 1423, pp. 48-63. Springer, 1998.
9. R. C. Bose and D. K. Ray-Chaudhuri. On a class of error correcting binary group codes. Inf. Control, 3, pp. 68-79, 1960.
10. V. Boyko, P. MacKenzie and S. Patel. Provably secure password authentication and key exchange using Diffie-Hellman. In Proc. of Eurocrypt 2000, LNCS 1807, pp. 156-171. Springer, 2000.
11. C. Cachin, S. Micali, M. Stadier, Computational private information retrieval with polylogarithmic communication. In Proc. of Eurocrypt 1999, LNCS 1592, pp. 402-414, Springer, 1999.
12. R. Canetti, O. Goldreich and S. Halevi. The random oracle methodology, rivisited. In JACM, vol. 51, no. 4, pp. 557-594.
13. ACM, 2004. (Preliminiary version appeared in STOC 1998, pp. 209-218.)
14. R. Canetti, S. Halevi, J. Katz, Y. Lindell and P. MacKenzie. Universally-composable password-based key exchange. In Proc. of Eurocrypt 2005, LNCS 3494, pp. 404-421. Springer, 2005.
15. D. Coppersmith, Finding a small root of a bivariate integer equation; factoring with high bits known. In Proc. of Eurocrypt 1996, LNCS 1070, pp. 178-189. Springer, 1996.
16. D. Coppersmith, Finding a small root of a univariate modular equation. In Proc. of Eurocrypt 1996, LNCS 1070, pp. 155-165. Springer, 1996.
17. R. Cramer and V. Shoup. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In Proc. of Crypto 1998, LNCS 1462, pp. 13-25. Springer, 1998.
18. R. Cramer and V. Shoup. Universal hash proofs and a paradigm for chosen ciphertext secure public key encryption. In Proc. of Eurocrypt 2002, LNCS 2332, pp. 45-64. Springer, 2002.
19. I. Damgard and M. Koprowski. Generic lower bounds for root extraction and signature schemes in general groups. In Proc. of Eurocrypt 2002, LNCS 2332, pp. 256-271. Springer, 2002.
20. W. Diffie and M. Hellman. New directions in cryptography. IEEE Trans. Info. Theory, 22(6): 644-654, 1976.
21. C. Dwork and M. Naor. Pricing via processing or combatting junk mail. In Proc. of Crypto 1992, LNCS 740, pp. 139-147. Springer, 1993.
22. R. Gennaro and Y. Lindell. A framework for password-based authenticated key exchange. In Proc. of Eurocrypt 2003, LNCS 2656, pp. 524-543. Springer, 2003.
23. C. Gentry and Z. Ramzan. Single-database private information retrieval with constant communication rate. In Proc. of ICALP 2005, pp. 803-814. Springer, 2005.
24. O. Goldreich and Y. Lindell. Session-key generation using human passwords only. In Proc. of Crypto 2001, LNCS 2139, pp. 408-432. Springer, 2001.
25. L. Gong. Optimal authentication protocols resistant to password guessing attacks. In IEEE Computer Security Foundations Workshop, pages 24-29. IEEE, 1995.
26. L. Gong, T. M. A. Lomas, R. M. Needham and J. H. Saltzer. Protecting poorly chosen secrets from guessing attacks. In IEEE Journal on Selected Areas in Communications, 11(5): 648-656, June 1993.
27. A. Hocquenghem. Codes corecteurs d'erreurs. Chiffres, 2, pp. 147-156, 1959.
28. IEEE Standard 1363-2000, Standard specifications for public key cryptography, 2000.
29. D. Jablon. Strong password-only authenticated key exchange. In ACM Computer Communication Review, ACM SIGCOMM, 26(5): 5-20, 1996.
30. D. Jablon. Extended password key exchange protocols immune to dictionary attack. In WETICE'97 Workshop on Enterprise Security, pp. 248-255. IEEE, 1997.
31. S. Jiang and G. Gong. Password based key exchange with mutual authentication. In Proc. of SAC 2004, LNCS 3357, pp. 267-279. Springer, 2004.
32. J. Katz, R. Ostrovsky and M. Yung. Practical password-authenticated key exchange provably secure undei standard assumptions. In Proc. of Eurocrypt 2001, LNCS 2045, pp. 475-494. Springer, 2001.
33. C. Kaufmann and R. Perlman. FDM: a new strong password-based protocol. In Usenix Security Symposium, 2001.
34. T. Kwon. Authentication and key agreement via memorable passwords. In Proc. of NDSS 2001. ISOC, 2001.
35. A. Lenstra and E. Verheul. Selecting cryptographic key sizes. In Journal of Cryptology, 14(4): 255293, 2001.
36. S. Lin and D. J. Costello, Jr. Error control coding: fundamentals and applications. Prentice Hall, Englewood Cliffs, NJ, 1983.
37. S. Lucks. Open key exchange: How to defeat dictionary attacks without encrypting public keys. In Proc. of Security Protocols Workshop, LNCS 1361, pp. 79-90. Springer, 1998.
38. P. MacKenzie, S. Patel and R. Swaminathan. Password authenticated key exchange based on RSA. In Proc. of Asiacrypt 2000, LNCS 1976, pp. 599-613. Springer, 2000.
39. A. May. A tool kit for finding small roots of bivariate polynomials over the integers. In Proc. of Eurocrypt 2005, LNCS 3494, pp. 251-267. Springer, 2005.
40. M. Naor and B. Pinkas. Oblivious transfer and polynomial evaluation. In Proc. of STOC 1999, pp. 245-254. ACM, 1999.
41. National Institute of Standards and Technology (NIST). Announcing the Secure Hash Standard, FIPS 180-1, U.S. Department of Commerce, April, 1995.
42. S. Patel. Number theoretic attacks on secure password schemes. In Proc. of the IEEE Sym. on Research in Security and Privacy, pp. 236-247, 1997.
43. M. O. Rabin. How to exchange secrets by oblivious transfer. Unpublished manuscript, 1981.
44. R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signature and public key cryptosystems. In Communications of the ACM, 21:120-126, 1978.
45. M. Steiner, G. Tsudik, and M. Waidner. Refinement and extension of encrypted key exchange. In Operating System Review, 29:22-30. ACM, 1995.
46. T. Wu. The secure remote password protocol. In Proc. of NDSS 1998, pp. 97-111. ISOC, 1998.
47. T. Wu. A real-world analysis of Kerberos password security. In Proc. of NDSS 1999, ISOC, 1999.
48. M. Zhang. New approaches to password authenticated key exchange based on RSA. In Proc. of Asiacrypt 2004, LNCS 3329, pp. 230-244. Springer, 2004.