Provably secure password-based authentication in TLS

Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06

Volumn 2006, Issue , 2006, Pages 35-45

  Abdalla, Michel ^a   Bresson, Emmanuel ^b   Chevassut, Olivier ^c   Möller, Bodo ^d   Pointcheval, David ^a  

^a ECOLE NORMALE SUPÉRIEURE   (France)

^b CELAR   (France)

^c LAWRENCE BERKELEY NATIONAL LABORATORY   (United States)

^d UNIVERSITY OF CALGARY   (Canada)

Author keywords

Encrypted key exchange; Password authentication; TLS

Indexed keywords

MATHEMATICAL MODELS; NETWORK PROTOCOLS; SECURITY OF DATA; SERVERS;

ENCRYPTED KEY EXCHANGE; PASSWORD AUTHENTICATION; SERVER IDENTITY; TRANSPORT LAYER SECURITY;

AUTHENTICATION;

EID: 33845208188     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1128817.1128827     Document Type: Conference Paper

References (24)

1. M. Abdalla, E. Bresson, O. Chevassut, A. Essiari, B. Möller, and D. Pointcheval. SOKE ciphersuites for password-based authentication in TLS. Work in Progress, to be published as Internet Draft, 2006.
2. M. Abdalla, O. Chevassut, and D. Pointcheval. One-time verifier-based encrypted key exchange. In S. Vaudenay, editor, PKC 2005, volume 3386 of LNCS, pages 47-64. Springer-Verlag, Jan. 2005.
3. M. Abdalla, P.-A. Fouque, and D. Pointcheval. Password-based authenticated key exchange in the three-party setting. In S. Vaudeuay, editor, PKC 2005, volume 3386 of LNCS, pages 65-84. Springer-Verlag, Jan. 2005.
4. M. Abdalla and D. Pointcheval. Simple password-based encrypted key exchange protocols. In A. Menezes, editor, CT-RSA 2005, volume 3376 of LNCS, pages 191-208. Springer-Verlag, Feb. 2005.
5. M. Bellare, D. Pointcheval, and P. Rogaway. Authenticated key exchange secure against dictionary attacks. In B. Preneel, editor, EUROCRYPT 2000, volume 1807 of LNCS, pages 139-155. Springer-Verlag, May 2000.
6. M. Bellare and P. Rogaway. Random oracles are practical: A. paradigm for designing efficient protocols. In ACM CCS 93, pages 62-73. ACM Press, Nov. 1993.
7. M. Bellare and P. Rogaway. The AuthA protocol for password-based authenticated key exchange. Contributions to IEEE P1363, Mar. 2000.
8. S. M. Bellovin and M. Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In 1992 IEEE Symposium on Security and Privacy, pages 72-84. IEEE Computer Society Press, May 1992.
9. S. M. Bellovin and M. Merritt. Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In ACM CCS 93, pages 244-250. ACM Press, Nov. 1993.
10. V. Boyko, P. D. MacKenzie, and S. Patel. Provably secure password-authenticated key exchange using Diffie-Hellman. In B. Preneel, editor, EUROCRYPT 2000, volume 1807 of LNCS, pages 156-171. Springer-Verlag, May 2000.
11. E. Bresson, O. Chevassut, and D. Pointcheval. Security proofs for an efficient password-based key exchange. In ACM CCS 03, pages 241-250. ACM Press, Oct. 2003.
12. E. Bresson, O. Chevassut, and D. Pointcheval. New security results on encrypted key exchange. In F. Bao, R. Deng, and J. Zhou, editors, PKC 2004, volume 2947 of LNCS, pages 145-158. Springer-Verlag, Mar. 2004.
13. T. Dierks and C. Allen. RFC 2246 - The TLS Protocol Version 1.0. Internet Activities Board, Jan. 1999.
14. W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22:644-654, 1978.
15. L. Fang, S. Meder, O. Chevassut, and F. Siebenlist. Secure password-based authenticated key exchange for web services. In E. Damiani and H. Maruyama, editors, Proceedings of the ACM Workshop on Secure Web Services (SWS), Fairfax, VA, USA, Oct. 29, 2004.
16. I. T. Foster and C. Kesselman. The Grid 2: Blueprint for a New Computing Infrastructure. Morgan. Kaufmann, 2004.
17. I. T. Foster, C. Kesselman, G. Tsudik, and S. Tuecke. A security architecture for computational grids. In ACM CCS 98, pages 83-92. ACM Press, Nov. 1998.
18. J. Katz, R. Ostrovsky, and M. Yung. Forward secrecy in password-only key exchange protocols. In S. Cimato, C. Galdi, and G. Persiano, editors, SCN 02, volume 2576 of LNCS, pages 29-44. Springer-Verlag, Sept. 2002.
19. S. Lucks. Open key exchange: How to defeat dictionary attacks without encrypting public keys. In Workshop on Security Protocols, École Normale Supérieure, 1997.
20. P. D. MacKenzie. The PAK suite: Protocols for password-authenticated key exchange. Technical Report 2002-46, DIMACS, 2002.
21. D. Pointcheval and J. Stern. Security arguments for digital signatures and blind signatures. Journal of Cryptology, 13(3):361-396, 2000.
22. R. L. Rivest, A. Shamir, and L. M. Adleman. A method for obtaining digital signature and public-key cryptosystems. Communications of the ACM, 21(2):120-126, 1978.
23. M. Steiner, P. Buhler, T. Eirich, and M. Waidner. Secure password-based cipher suite for TLS. ACM Transactions on Information and System Security, 4(2):134-157, 2001.
24. D. Taylor, T. Wu, N. Mavroyanopoulos, and T. Perrin. Using SRP for TLS authentication. IETF Internet Draft, TLS Working Group, Aug. 19, 2004.