Symmetry (Sep 2015)

Prevention of Exponential Equivalence in Simple Password Exponential Key Exchange (SPEKE)

  • Hanwook Lee,
  • Dongho Won

DOI
https://doi.org/10.3390/sym7031587
Journal volume & issue
Vol. 7, no. 3
pp. 1587 – 1594

Abstract

Simple Password Exponential Key Exchange (SPEKE) and Dragonfly are simple password-based authenticated key exchange protocols that use a value derived from a shared password as a generator for modular exponentiation, as opposed to Diffie–Hellman key exchange, which uses a fixed value. However, it has been shown that in SPEKE, an active attacker can examine multiple passwords in a single attempt because the passwords have an exponential correlation. We show that Dragonfly can also suffer from the same problem, and we propose a simple countermeasure to prevent the exponential equivalence in SPEKE.

Keywords