Paper Info
Title
J-PAKE: authenticated key exchange without PKI
Abstract
Password Authenticated Key Exchange (PAKE) is one of the important topics in cryptography. It aims to address a practical security problem: how to establish secure communication between two parties solely based on a shared password without requiring a Public Key Infrastructure (PKI). After more than a decade of extensive research in this field, there have been several PAKE protocols available. The EKE and SPEKE schemes are perhaps the two most notable examples. Both techniques are however patented. In this paper, we review these techniques in detail and summarize various theoretical and practical weaknesses. In addition, we present a new PAKE solution called J-PAKE. Our strategy is to depend on well-established primitives such as the Zero-Knowledge Proof (ZKP). So far, almost all of the past solutions have avoided using ZKP for the concern on efficiency. We demonstrate how to effectively integrate the ZKP into the protocol design and meanwhile achieve good efficiency. Our protocol has comparable computational efficiency to the EKE and SPEKE schemes with clear advantages on security.
Year
DOI
Venue
2010
10.1007/978-3-642-17697-5_10
IACR Cryptology ePrint Archive
Keywords
DocType
Volume
practical security problem,key agreement.,speke scheme,comparable computational efficiency,protocol design,password authenticated key exchange,password-authenticated key exchange,good efficiency,public key infrastructure,authenticated key exchange,practical weakness,eke,new pake solution,speke,pake protocol,zero knowledge proof,public key,secure communication
Journal
2010
ISSN
ISBN
Citations 
0302-9743
3-642-17696-8
24
PageRank 
References 
Authors
1.20
30
2
Name
Order
Citations
PageRank
Hao Feng140932.15
Peter Y. A. Ryan272866.96