[Resource Topic] 2004/196: Password Based Key Exchange with Mutual Authentication

Welcome to the resource topic for 2004/196

Password Based Key Exchange with Mutual Authentication

Authors: Shaoquan Jiang, Guang Gong


A reasonably efficient password based key exchange (KE) protocol with
security without random oracle was recently proposed
by Katz, {\em et al.} \cite{KOY01} and later by Gennaro and Lindell \cite{GL03}.
However, these protocols do not support mutual authentication
(MA). The authors explained that this could be achieved by adding
an additional flow. But then this protocol turns out to be
4-round. As it is known that a high entropy secret based key
exchange protocol with MA\footnote{we do not consider a protocol
with a time stamp or a stateful protocol (e.g., a counter based
protocol). In other words, we only consider protocols in which a
session execution within an entity is independent of its history,
and in which the network is asynchronous.} is optimally 3-round
(otherwise, at least one entity is not authenticated since a
replay attack is applicable), it is quite interesting to ask
whether such a protocol in the password setting (without random
oracle) is achievable or not. In this paper, we
provide an affirmative answer with an efficient construction in
the common reference string (CRS) model.
Our protocol is even simpler than that of Katz, {\em et al.}
Furthermore, we show that our protocol is secure under the DDH
assumption ({\em without} random oracle).

ePrint: https://eprint.iacr.org/2004/196

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .