Efficient Password-Based Authenticated Key Exchange Without Public Information

Since the first Password-based Authenticated Key Exchange (PAKE) was proposed, it has enjoyed a considerable amount of interest from the cryptographic research community. To the best knowledge, most of proposed PAKEs based on Diffie-Hellman key exchange need some public information, such as generators of a finite cyclic group. However, in a client-server environment, not all servers use the same public information, which demands clients authenticate that public information before beginning PAKE. It is cumbersome for users. What's worse, it may bring some secure problems with PAKE, such as substitution attack. To remove these problems, in this paper, the authors present an efficient password based authenticated key exchange protocol without any public information.