Password-based encrypted group key agreement

International Journal of Network Security

Volumn 3, Issue 1, 2006, Pages 23-34

  Dutta, Ratna ^a   Barua, Rana ^a  

^a INDIAN STATISTICAL INSTITUTE   (India)

Author keywords

CDH problem; Dictionary attack; Encrypted group key agreement; Password based protocol

Indexed keywords

CDH PROBLEM; DICTIONARY ATTACK; GROUP KEY AGREEMENT; GROUP KEY AGREEMENT PROTOCOLS; KEY AGREEMENT PROTOCOL; MULTI-PARTY KEY AGREEMENT PROTOCOL; RANDOM ORACLE MODEL; SECURE COMMUNICATION CHANNELS;

AUTHENTICATION; COMPUTER CRIME; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; ENTROPY;

CRYPTOGRAPHY;

EID: 38049019277     PISSN: 1816353X     EISSN: 18163548     Source Type: Journal    
DOI: None     Document Type: Article

References (56)

1. M. Abdalla, M. Bellare and P. Rogaway, "DHIES: An encryption scheme based on the Diffie-Hellman problem," in CT-RSA 2001, pp. 143-158, 2001.
2. M. Abdalla, P. A. Fouque and D. Pointcheval, "Password-based authenticated key exchange in the threeparty setting," in PKC 2005, LNCS 3386, pp. 65-84, Springer-Verlag, 2005.
3. N. Asokan and P. Ginzboorg, "Key agreement in adhoc networks," Computer Communications, vol. 23, no. 18, pp. 1627-1637, 2000.
4. M. Bellare and P. Rogaway, "Entity authentication and key distribution," in Crypto'93, LNCS 773, pp. 231-249, Springer-Verlag, 1994.
5. M. Bellare and P. Rogaway, "Provably secure session key distribution: the three party case, in STOC'95, pp. 57-66, ACM Press, 1995.
6. M. Bellare, D. Pointcheval and P. Rogaway, "Au-thenticated key exchange secure against dictionary attacks," in B. Preneel, editor, Eurocrypt 2000, LNCS 1807, pp. 139-155, Springer-Verlag, 2000.
7. S. M. Bellovin and M. Merritt, "Augmented encrypted key exchange: A passwordbased protocol secure against dictionary attacks and password file compromise," in Proceedings of the 1st ACM Conference on Computer and Communication Security, pp. 244-250, 1993.
8. Bluetooth, Specification of Bluetooth System, Dec. 1999, available at http://www.bluetooth.com/devel-oper/specification/specification.asp.
9. M. Boyarsky, "Publickey cryptography and password protocols: The multiuser case," in ACM Security (CCS'99), pp. 63-72, 1999.
10. V. Boyko, P. MacKenzie and S. Patel, "Provably secure password-authenticated key exchange using Diffie-Hellman," in Eurocrypt 2000, LNCS 1807, pp. 156-171, Springer-Verlag, May 2000.
11. E. Bresson, O. Chevassut and D. Pointcheval, "New security results on encrypted key exchange," in PKC 2004, LNCS 2947, pp. 145-158, Springer-Verlag, Mar. 2004.
12. E. Bresson, O. Chevassut and D. Pointcheval, "Proof of security for password-based key exchange (IEEE P1363 AuthA protocol and extensions)," in ACMCCS'03, pp. 241-250, 2003.
13. E. Bresson, O. Chevassut and D. Pointcheval, "Group Diffie-Hellman key exchange secure against dictionary attack, in Asiacrypt'02, LNCS 2501, pp. 497-514, Springer-Verlag, 2002.
14. E. Bresson, O. Chevassut, and D. Pointcheval, "Provably authenticated group Diffie-Hellman key exchange the dynamic case," in Asiacrypt 2001, LNCS 2248, pp. 290-309, Springer-Verlag, 2001.
15. E. Bresson, O. Chevassut, D. Pointcheval, and J. J. Quisquater, "Provably authenticated group Diffie-Hellman key exchange," in Proceedings of 8th Annual ACM Conference on Computer and Communications Security, pp. 255-264, 2001.
16. M. Burmester and Y. Desmedt, "A secure and efficient conference key distribution system," in EUROCRYPT'94, LNCS 950, pp. 275-286, Springer-Verlag, 1995.
17. J. W. Byun, I. R. Jeong, D. H. Lee and C. S. Park, "Password-authenticated key exchange between clients with different passwords," in ICICS'02, LNCS 2513, pp. 134-146, Springer-Verlag, Dec. 2002.
18. R. Dutta and R. Barua, "Constant round dynamic group key agreement," in ISC 2005, LNCS, Springer-Verlag, to appear on Sept. 2005, Singapore.
19. Y. Ding and P. Horster, "Undetectable on-line pass-word guessing attacks," ACM SIGOPS Operating Systems Review, vol. 29, no. 4, pp. 77-86, Oct. 1995.
20. R. Gennaro and Y. Lindell, "A framework for password-based authenticated key exchange," in Eurocrypt 2003, LNCS 2656, pp. 524-543, Springer-Verlag, May 2003.
21. O. Goldreich and Y. Lindell, "Sessionkey generation using human memorable passwords only," in Crypto 2001, LNCS 2139, pp. 408-432, Springer-Verlag, Aug. 2001.
22. L. Gong, "Optimal authentication protocols resistant to password guessing attacks," in CSFW'95, IEEE Computer Society, pp. 24-29, Kenmare, County Kerry, Ireland, Mar. 1995.
23. L. Gong, T. M. A. Lomas, R. M. Needham and J. H. Saltzer, "Protecting poorly chosen secrets from guessing attacks," IEEE Journal of Selected on Communications, vol. 11, no. 5, pp. 648-656, June 1993.
24. S. Halevi and H. Krawczyk, "Public key cryptography and password protocols," ACM Transactions on Information and System Security, pp. 524-543, 1999.
25. D. P. Jablon, "Strong passwordonly authenticated key exchange," SIGCOMM Computer Communication Review, vol. 26, no. 5, pp. 5-26, 1996.
26. M. Jakobsson and S. Wetzel, "Security weaknesses in bluetooth," in Proceedings of the RSA Cryptographer's Track (RSA CT'01), RSA Data Security, LNCS 2020, pp. 176-191, Springer-Verlag, 2001.
27. S. Jiang and G. Gong, "Password-based Key exchange With mutual authentication," in SAC 2004, LNCS 3006, pp. 291-306, Springer-Verlag, 2004.
28. J. Katz, R. Ostrovsky and M. Yung, "Efficient password-authenticated key exchange using humanmemorable passwords," in Eurocrypt 2001, LNCS 2045, pp. 475-494, Springer-Verlag, May 2001.
29. J. Katz and M. Yung, "Scalable protocols for authenticated group key exchange," in CRYPTO 2003, LNCS 2729, pp. 110-125, Springer-Verlag, 2003.
30. C. Kaufman, R. Perlman and M. Speciner, Network security, Prentice Hall, 1997.
31. H. J. Kim, S. M. Lee and D. H. Lee, "Constantround authenticated group key exchange for dynamic groups," in Asiacrypt'04, LNCS 3329, pp. 245-259, Sringer-Verlag, 2004.
32. J. Kim, S. Kim, J. Kwak and D. Won, "Cryptanalysis and improvement of password authenticated key exchange scheme between clients with different passwords," in ICCSA'04, LNCS 3043, pp. 895-902, Springer-Verlag, May 2004.
33. H. Krawczyk, "SIGMA: The "SIGn-and-MAc" ap-proach to authenticate Diffie-Hellman and its use in the ike protocols," in Crypto'03, LNCS 2729, pp. 400-425, Springer-Verlag, Aug. 2003.
34. S. M. Lee, J. Y. Hwang and D. H.L'ee, "Efficient password-based group key exchange," in proceedings of TrustBus 2004, LNCS 3184, pp. 191-199, Springer-Verlag, 2004.
35. C. L. Lin, H. M. Sun and T. Hwang, "Three-party encrypted key exchange: attacks and solution," ACM SIGOPS Operating Systems Review, vol. 34, no. 4, pp. 12-20, Oct. 2000.
36. C. L. Lin, H. M. Sun, M. Steiner and T. Hwang, "Three-party encrypted key exchange without server public keys," IEE Communications Letters, vol. 5, no. 12, pp. 497-499, Dec. 2001.
37. S. Lucks, "Open key exchange: How to defeat dictionary attacks without encrypting public keys," in Proceedings of the Workshop of Security Protocols, LNCS 1361, pp. 79-90, Springer-Verlag, 1997.
38. P. MacKenzie, S. Patel and R. Swaminathan, "Password-authenticated key exchange based on RSA," in Asiacrypt 2000, LNCS 1976, pp. 599-613, Springer-Verlag, Dec. 2000.
39. P. D. Mackenzie, The PAK suit: Protocols for password-authenticated key exchange, Contributions to IEEE P1363.2, 2002.
40. P. D. Mackenzie, T. Shrimpton and M. Jakobsson, "Threshold password-authenticated key exchange," in Crypto 2002, LNCS 2442, pp. 385-400, Springer-Verlag, Aug. 2002.
41. P. MacKenzie and R. Swaminathan, Secure Network Authentication with Password Identification, Submission to IEEE P1363a, Aug. 1999, Available from http://grouper.ieee.org/groups/1363/.
42. A. Menezes, P. V. Oorschot and S. Vanstone, Handbook of Applied Cryptography, CRG Press, 1997.
43. NIST, AES, Dec. 2000, Available at http://www.nist.gov/aes.
44. K. Obraczka, G. Tsudik and K. Viswanath, "Pushing the limits of multicast in ad hoc networks," in Intenational Conference on Distributed Computing System, pp. 719-722, Apr. 2001.
45. S. Patel, "Number theoritic attacks on secure password schemes," in Proceedings of the 1997 IEEE Sympossium on Security and Privacy, pp. 236-247, 1997.
46. C. E. Perkins, Ad hoc networking Addition Wesley, 2001.
47. M. D. Raimondo and R. Gennaro, "Provably secure threshold password-authenticated key exchange," in Eurocrypt 2003, LNCS 2656, pp. 507-523, Springer-Verlag, May 2003.
48. V. Shoup, On formal models for secure key exchange, Technical Report RZ 3120, IBM, 1999.
49. J. G. Steiner, B. C. Neuman and J. L. Schiller, "Ker-beros: An authentication service for open networks," in Proceedings of the USENIX Winter Conference, pp. 191-202, Dallas, TX, USA, 1998.
50. M. Steiner, G. Tsudik and M. Waidner, "Refinement and extension of encrypted key exchange," ACM SIGOPS Operating Systems Review, vol. 29, no. 3, pp. 22-30, July 1995.
51. G. Tsudik and E. V. Herreweghen, "Some remarks on protecting weak keys and poorlychosen secrets from guessing attacks," in SRDS'93: The 12th Symposium on Reliable Distributed Systems, IEE Computer Society, Princeton, New Jersey, USA, pp. 136-142, Oct. 1993
52. S. Wang, J. Wang and M. Xu, "Weakness of a password-authenticated key exchange protocol between clients with different passwords," in ACNS'04, LNCS 3089, pp. 414-425, Springer-Verlag, June 2004.
53. T. Wu, "The secure remote password protocol," in 1998 Internet Society Symposium on Network and Distributed System Security, pp. 97-111, 1998.
54. H. T. Yeh, H. M. Sun and T. Hwang, "Efficient three-party authentication and key agreement protocols resistant to password guessing attacks," Journals of Information Science and Engineering, vol. 19, no. 6, pp. 1059-1070, Nov. 2003.
55. M. Zhang, "Password authenticated key exchange using quadretic residues," in Proceedings of ACNS 2004, LNCS 3089, pp. 233-247, Springer-Verlag, June 2004.
56. L. Zhou and Z. J. Hass, "Securing ad hoc networks," IEEE Network Magazine, vol. 13, no. 6, pp. 24-30, 1999.