Refinement and extension of encrypted key exchange

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Refinement and extension of encrypted key exchange

Full text

Pdf (554 KB)

Source

ACM SIGOPS Operating Systems Review archive
Volume 29 , Issue 3 (July 1995) table of contents

Pages: 22 - 30

Year of Publication: 1995

ISSN:0163-5980

Authors

Michael Steiner	Communications and Computer Science Department, IBM Zfirich Research Laboratory, CH-8803 Riischlikon, Switzerland
Gene Tsudik	Communications and Computer Science Department, IBM Zfirich Research Laboratory, CH-8803 Riischlikon, Switzerland
Michael Waidner	Communications and Computer Science Department, IBM Zfirich Research Laboratory, CH-8803 Riischlikon, Switzerland

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 12, Downloads (12 Months): 41, Citation Count: 29

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/206826.206834 What is a DOI?

ABSTRACT

In their recent paper, "Encrypted Key Exchange: Password-based Protocols Secure Against Dictionary Attacks," Bellovin and Merritt propose a novel and elegant method for safeguarding weak passwords. This paper discusses a possible weakness in the proposed protocol, develops some enhancements and simplifications, and provides a security analysis of the resultant minimal EKE protocol. In addition, the basic 2-party EKE model is extended to the 3-party setting; this yields a protocol with some interesting properties. Most importantly, this paper illustrates, once again, the subtlety associated with designing password-based protocols.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Steven M. Bellovin , Michael Merritt, Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks, Proceedings of the 1992 IEEE Symposium on Security and Privacy, p.72, May 04-06, 1992
	2	Steven M. Bellovin , Michael Merritt, Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise, Proceedings of the 1st ACM conference on Computer and communications security, p.244-250, November 03-05, 1993, Fairfax, Virginia, United States [doi>10.1145/168588.168618]
	3	Mihir Bellare , Phillip Rogaway, Entity authentication and key distribution, Proceedings of the 13th annual international cryptology conference on Advances in cryptology, p.232-249, January 1994, Santa Barbara, California, United States
	4	[4] M. Burrows, M. Abadi and R. Needham, A Logic of Authentication Technical Report 39, DEC System Research Center, February 1990.
	5	Dorothy E. Denning , Giovanni Maria Sacco, Timestamps in key distribution protocols, Communications of the ACM, v.24 n.8, p.533-536, Aug. 1981 [doi>10.1145/358722.358740]
	6	[6] W. Diffie and M. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, November 1976.
	7	Li Gong, Lower bounds on messages and rounds for network authentication protocols, Proceedings of the 1st ACM conference on Computer and communications security, p.26-37, November 03-05, 1993, Fairfax, Virginia, United States [doi>10.1145/168588.168592]
	8	[8] National Bureau of Standards, Federal Information Processing Standards, National Bureau of Standards, Publication 46, 1977.
	9	Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978 [doi>10.1145/359657.359659]
	10	R M Needham , M D Schroeder, Authentication revisited, ACM SIGOPS Operating Systems Review, v.21 n.1, p.7-7, Jan. 1987 [doi>10.1145/24592.24593]
	11	R. Rivest, The MD5 Message-Digest Algorithm, RFC Editor, 1992
	12	[12] B. Schneier, Applied Cryptography (Section 12.2), New York, NY: Wiley, 1994.
	13	D. W. Davies , W. L. Price, Security for computer networks: and introduction to data security in teleprocessing and electronic funds transfer (2nd ed.), John Wiley & Sons, Inc., New York, NY, 1989
	14	[14] W. Mao and C. Boyd, Cryptographic Key Establishment Secure Against Exhaustive Key Search DRAFT, submitted to 1995 IEEE Symposium on Research in Security and Privacy, available from wenho@comms.ee.man.ac.uk, Fall 1994.

CITED BY 29

	Michael Steiner , Gene Tsudik , Michael Waidner, Diffie-Hellman key distribution extended to group communication, Proceedings of the 3rd ACM conference on Computer and communications security, p.31-37, March 14-15, 1996, New Delhi, India
	Shai Halevi , Hugo Krawczyk, Public-key cryptography and password protocols, Proceedings of the 5th ACM conference on Computer and communications security, p.122-131, November 02-05, 1998, San Francisco, California, United States
	Secure password-based cipher suite for TLS, ACM Transactions on Information and System Security (TISSEC), v.4 n.2, p.134-157, May 2001
	Shai Halevi , Hugo Krawczyk, Public-key cryptography and password protocols, ACM Transactions on Information and System Security (TISSEC), v.2 n.3, p.230-268, Aug. 1999
	Hung-Min Sun , Bing-Chang Chen , Tzonelih Hwang, Secure key agreement protocols for three-party against guessing attacks, Journal of Systems and Software, v.75 n.1-2, p.63-68, 15 February 2005
	Her-Tyan Yeh , Hung-Min Sun, Password-based user authentication and key distribution protocols for client-server applications, Journal of Systems and Software, v.72 n.1, p.97-103, June 2004
	Craig Gentry , Philip Mackenzie , Zulfikar Ramzan, Password authenticated key exchange using hidden smooth subgroups, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
	Chun-Li Lin , Hung-Min Sun , Tzonelih Hwang, Three-party encrypted key exchange: attacks and a solution, ACM SIGOPS Operating Systems Review, v.34 n.4, p.12-20, October 2000
	Her-Tyan Yeh , Hung-Min Sun, Simple authenticated key agreement protocol resistant to password guessing attacks, ACM SIGOPS Operating Systems Review, v.36 n.4, p.14-22, October 2002
	Tzung-Her Chen , Wei-Bin Lee , Hsing-Bai Chen, A round- and computation-efficient three-party authenticated key exchange protocol, Journal of Systems and Software, v.81 n.9, p.1581-1590, September, 2008
	Hung-Min Sun , Her-Tyan Yeh, Password-based authentication and key distribution protocols with perfect forward secrecy, Journal of Computer and System Sciences, v.72 n.6, p.1002-1011, September 2006
	Rosario Gennaro , Yehuda Lindell, A framework for password-based authenticated key exchange¹, ACM Transactions on Information and System Security (TISSEC), v.9 n.2, p.181-234, May 2006
	Junghyun Nam , Youngsook Lee , Seungjoo Kim , Dongho Won, Security weakness in a three-party pairing-based protocol for password authenticated key exchange, Information Sciences: an International Journal, v.177 n.6, p.1364-1375, March, 2007
	Raphael C. -W. Phan , Wei-Chuen Yau , Bok-Min Goi, Cryptanalysis of simple three-party key exchange protocol (S-3PAKE), Information Sciences: an International Journal, v.178 n.13, p.2849-2856, July, 2008
	Jeong Ok Kwon , Ik Rae Jeong , Kouichi Sakurai , Dong Hoon Lee, Efficient verifier-based password-authenticated key exchange in the three-party setting, Computer Standards & Interfaces, v.29 n.5, p.513-520, July, 2007
	Liqun Chen , Dieter Gollmann , Chris J. Mitchell, Authentication using minimally trusted servers, ACM SIGOPS Operating Systems Review, v.31 n.3, p.16-28, July 1997
	Chun-Li Lin , Hung-Min Sun , Tzonelih Hwang, Efficient and practical DHEKE protocols, ACM SIGOPS Operating Systems Review, v.35 n.1, p.41-47, January 1, 2001
	David P. Jablon, Strong password-only authenticated key exchange, ACM SIGCOMM Computer Communication Review, v.26 n.5, p.5-26, Oct. 1996
	Yun Ding , Patrick Horster, Undetectable on-line password guessing attacks, ACM SIGOPS Operating Systems Review, v.29 n.4, p.77-86, Oct. 1995
	Eun-Jun Yoon , Kee-Young Yoo, Improving the novel three-party encrypted key exchange protocol, Computer Standards & Interfaces, v.30 n.5, p.309-314, July, 2008
	Tian-Fu Lee , Mei-Jiun Sung, Communication-efficient AUTHMAC_DH protocols, Computer Standards & Interfaces, v.30 n.1-2, p.71-77, January, 2008
	Tian-Fu Lee , Mei-Jiun Sung, Communication-efficient AUTHMAC_DH protocols, Computer Standards & Interfaces, v.30 n.1-2, p.71-77, January, 2008
	Hsing-Bai Chen , Tzung-Her Chen , Wei-Bin Lee , Chin-Chen Chang, Security enhancement for a three-party encrypted key exchange protocol against undetectable on-line password guessing attacks, Computer Standards & Interfaces, v.30 n.1-2, p.95-99, January, 2008
	Chin-Chen Chang , Jung-San Lee , Ting-Fang Cheng, Security design for three-party encrypted key exchange protocol using smart cards, Proceedings of the 2nd international conference on Ubiquitous information management and communication, January 31-February 01, 2008, Suwon, Korea
	Jin Wook Byun , Dong Hoon Lee , Jong In Lim, EC2C-PAKA: An efficient client-to-client password-authenticated key agreement, Information Sciences: an International Journal, v.177 n.19, p.3995-4013, October, 2007
	Eun-Jun Yoon , Kee-Young Yoo, Robust Key Exchange Protocol between Set-Top Box and Smart Card in DTV Broadcasting, Informatica, v.20 n.1, p.139-150, January 2009
	Zhiguo Wan , Robert H. Deng , Feng Bao , Bart Preneel , Ming Gu, nPAKE⁺: a tree-based group password-authenticated key exchange protocol using different passwords, Journal of Computer Science and Technology, v.24 n.1, p.138-151, January 2009
	Tian-Fu Lee , Jenn-Long Liu , Mei-Jiun Sung , Shiueng-Bien Yang , Chia-Mei Chen, Communication-efficient three-party protocols for authentication and key agreement, Computers & Mathematics with Applications, v.58 n.4, p.641-648, August, 2009
	Junghyun Nam , Juryon Paik , Hyun-Kyu Kang , Ung Mo Kim , Dongho Won, An off-line dictionary attack on a simple three-party key exchange protocol, IEEE Communications Letters, v.13 n.3, p.205-207, March 2009