A New Framework for Password-Based Authenticated Key Exchange

Executive Summary

Protocols for Password-Based Authenticated Key Exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks, in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, the authors abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model.

