Abstract
In this paper, we present a computationally efficient password authenticated key exchange protocol based on quadratic residues. The protocol, called QR-CEKE, is derived from the protocol QR-EKE, a previously published password authenticated key exchange protocol based on quadratic residues. The computational time for the client, however, is significant reduced in the protocol QR-CEKE. In comparison with QR-EKE, the protocol QR-CEKE is more suitable to an imbalanced computing environment where a low-end client device communicates with a powerful server over a broadband network. Based on number-theoretic techniques, we show that the computationally efficient password authenticated key exchange protocol is secure against residue attacks, a special type of off-line dictionary attack against password-authenticated key exchange protocols based on factorization. We also provide a formal security analysis of QR-CEKE under the factoring assumption and the random oracle model.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bao, F.: Security analysis of a password authenticated key exchange protocol. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 208–217. Springer, Heidelberg (2003)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Bellovin, S.M., Merritt, M. (eds.) Proc. of the IEEE Symposium on Research in Security and Privacy, Oakland, pp. 72–84 (May 1992)
Catalano, D., Pointcheval, D., Pornin, T.: IPAKE: Isomorphisms for Password-based Authenticated Key Exchange. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, Springer, Heidelberg (to appear, 2004)
Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRPYT 2003. LNCS, vol. 2656, pp. 524–542. Springer, Heidelberg (2003)
Jablon, D.: http://www.integritysciences.com
Lucks, S.: Open key exchange: How to defeat dictionary attacks without encrypting public keys. In: Christianson, B., Lomas, M. (eds.) Proc. Security Protocol Workshop. LNCS, vol. 1361, pp. 79–90. Springer, Heidelberg (1997)
MacKenzie, P., Patel, S., Swaminathan, R.: Password-authenticated key exchange based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 599–613. Springer, Heidelberg (2000)
Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Patel, S.: Number theoretic attacks on secure password schemes. In: IEEE Symposium on Security and Privacy, Oakland, California (May 5-7, 1997)
Zhu, F., Wong, D., Chan, A., Ye, R.: RSA-based password authenticated key exchange for imbalanced wireless networks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 150–161. Springer, Heidelberg (2002)
Zhang, M.: New approaches to password authenticated key exchange based on RSA. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 230–244. Springer, Heidelberg (2004)
Zhang, M.: Password Authenticated Key exchange using quadratic residues. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 248–262. Springer, Heidelberg (2004)
Zhang, M.: Further analysis of password authenticated key exchange protocol based on RSA for imbalanced wireless networks. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 12–24. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, M. (2007). Computationally-Efficient Password Authenticated Key Exchange Based on Quadratic Residues. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-77026-8_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77025-1
Online ISBN: 978-3-540-77026-8
eBook Packages: Computer ScienceComputer Science (R0)