Strong password-only authenticated key exchange

Published: 01 October 1996

    Abstract

    A new simple password exponential key exchange method (SPEKE) is described. It belongs to an exclusive class of methods which provide authentication and key establishment over an insecure channel using only a small password, without risk of offline dictionary attack. SPEKE and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are examined in light of both known and new attacks, along with sufficient preventive constraints. Although SPEKE and DH-EKE are similar, the constraints are different. The class of strong password-only methods is compared to other authentication schemes. Benefits, limitations, and tradeoffs between efficiency and security are discussed. These methods are important for several uses, including replacement of obsolete systems, and building hybrid two-factor systems where independent password-only and key-based methods can survive a single event of either key theft or password compromise.

    Published In

    ACM SIGCOMM Computer Communication Review  Volume 26, Issue 5
    Oct. 1996
    74 pages
    ISSN:0146-4833
    DOI:10.1145/242896

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Published in SIGCOMM-CCR Volume 26, Issue 5
