Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

Junghyun Nam; Kim-Kwang Raymond Choo; Sangchul Han; Juryon Paik; Dongho Won

doi:10.3390/sym7010105

Symmetry (Jan 2015)

Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

Junghyun Nam,
Kim-Kwang Raymond Choo,
Sangchul Han,
Juryon Paik,
Dongho Won

Affiliations

Junghyun Nam: Department of Computer Engineering, Konkuk University, 268 Chungwondaero, Chungju, Chungcheongbukdo 380-701, Korea
Kim-Kwang Raymond Choo: Information Assurance Research Group, Advanced Computing Research Centre, University of South Australia, Mawson Lakes, SA-5095, Australia
Sangchul Han: Department of Computer Engineering, Konkuk University, 268 Chungwondaero, Chungju, Chungcheongbukdo 380-701, Korea
Juryon Paik: Department of Computer Engineering, Sungkyunkwan University, 2066 Seoburo, Suwon,Gyeonggido 440-746, Korea
Dongho Won: Department of Computer Engineering, Sungkyunkwan University, 2066 Seoburo, Suwon,Gyeonggido 440-746, Korea

DOI: https://doi.org/10.3390/sym7010105
Journal volume & issue: Vol. 7, no. 1
pp. 105 – 124

Abstract

Read online

We present the first provably-secure three-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any two-party PAKE protocol. The protocol is proven secure in a variant of the widely-accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the two-round, three-party PAKE protocol of Wang, Hu and Li (2010) and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.

Published in Symmetry

ISSN: 2073-8994 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Science: Mathematics
Website: http://www.mdpi.com/journal/symmetry/

About the journal

Abstract

Keywords