Paper Info
Title
Provably Secure Gateway Threshold Password-Based Authenticated Key Exchange Secure Against Undetectable On-Line Dictionary Attack
Abstract
By using Password-based Authenticated Key Exchange (PAKE), a server can authenticate a user who has only the same password shared with the server in advance and establish a session key with the user simultaneously. However, in the real applications, we may have a situation where a user needs to share a session key with server A, but the authentication needs to be done by a different server B that shares the password with the user. Further, to achieve higher security on the server side, it may be required to make PAKE tolerant of a server breach by having multiple authentication servers. To deal with such a situation, Abdalla et al. proposed a variant of PAKE called Gateway Threshold PAKE (GTPAKE) where a gateway corresponds to the aforementioned server A being an online service provider and also a potential adversary that may try to guess the passwords. However, the schemes of Abdalla et al. turned out to be vulnerable to Undetectable On-line Dictionary Attack (UDonDA). In this paper, we propose the first GTPAKE provably secure against UDonDA, and in the security analysis, we prove that our GTPAKE is secure even if an adversary breaks into parts of multiple authentication servers.
Year
DOI
Venue
2017
10.1587/transfun.E100.A.2991
IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES
Keywords
Field
DocType
password-based authenticated key exchange (PAKE), threshold cryptography
Dictionary attack,Computer security,Authenticated Key Exchange,Theoretical computer science,Default gateway,Password,Mathematics,Diffie–Hellman key exchange
Journal
Volume
Issue
ISSN
E100A
12
1745-1337
Citations 
PageRank 
References 
0
0.34
10
Authors
7
Name
Order
Citations
PageRank
Yukou Kobayashi100.34
Naoto Yanai23115.31
kazuki36710.08
Takashi Nishide435727.86
Goichiro Hanaoka5910101.53
Kwangjo Kim61701135.39
eiji okamoto71009118.60