Provably secure password-based authentication in TLS
Full text: PDF (379 KB)
Source: ASIAN ACM Symposium on Information, Computer and Communications Security
Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Taipei, Taiwan
SESSION: Security protocols
Pages: 35 - 45  
Year of Publication: 2006
ISBN:1-59593-272-0
Authors
Michel Abdalla  École normale supérieure, Paris Cedex, France
Emmanuel Bresson  CELAR Technology Center, Bruz Cedex, France
Olivier Chevassut  Lawrence Berkeley National Laboratory, Berkeley, CA
Bodo Möller  University of Calgary, Calgary, AB, Canada
David Pointcheval  École normale supérieure, Paris Cedex, France
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 8,   Downloads (12 Months): 84,   Citation Count: 5
DOI: http://doi.acm.org/10.1145/1128817.1128827

ABSTRACT

In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password. The SOKE ciphersuites, in advantage over previous password-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.
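The masking step described in the abstract, as an added sketch that is not code from the paper or from any SOKE specification: the client multiplies its ephemeral Diffie-Hellman value by a constant raised to a hash of the password, and the server removes the mask before completing the exchange. Assumptions: the toy group (p = 607, q = 101), SHA-256 as the hash, the function names, and the plain-hash key derivation are all constructed for illustration; real TLS key derivation and identity handling are omitted.

```python
import hashlib
import secrets

# Constructed toy parameters, far too small for real use. P = 6*Q + 1, so the
# work happens in a prime-order subgroup of a prime that is not a safe prime.
P, Q = 607, 101
G = pow(2, (P - 1) // Q, P)   # generator of the order-Q subgroup
U = pow(3, (P - 1) // Q, P)   # public constant from which the mask is built

def pw_exponent(password: str) -> int:
    """Hash the password to an exponent mod Q (SHA-256 is an assumption)."""
    digest = hashlib.sha256(password.encode()).digest()
    return int.from_bytes(digest, "big") % Q

def in_subgroup(elem: int) -> bool:
    """Membership check for the order-Q subgroup."""
    return 0 < elem < P and pow(elem, Q, P) == 1

def session_key(shared: int) -> str:
    """Stand-in key derivation: hash of the Diffie-Hellman result."""
    size = (P.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(size, "big")).hexdigest()

def client_hello(password: str):
    """Return (ephemeral secret, masked public value); only the latter is sent."""
    x = secrets.randbelow(Q - 1) + 1                  # x in [1, Q-1]
    mask = pow(U, pw_exponent(password), P)           # U^H(password)
    return x, pow(G, x, P) * mask % P

def server_reply(masked: int, password: str):
    """Unmask the client's value and return (server public value, key)."""
    if not in_subgroup(masked):
        raise ValueError("masked value is outside the subgroup")
    y = secrets.randbelow(Q - 1) + 1
    unmask = pow(U, Q - pw_exponent(password), P)     # inverse of the mask
    client_pub = masked * unmask % P
    return pow(G, y, P), session_key(pow(client_pub, y, P))

def client_finish(x: int, server_pub: int) -> str:
    """Client side of the unauthenticated Diffie-Hellman computation."""
    if not in_subgroup(server_pub):
        raise ValueError("server value is outside the subgroup")
    return session_key(pow(server_pub, x, P))
```
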

