Abstract:
This paper brings the password-based authenticated key exchange
(PAKE) problem closer to practice. It takes into account the
presence of firewalls when clients communicate with authentication
servers. An authentication server can indeed be seen as two distinct
entities, namely a gateway (which is the direct interlocutor of the
client) and a back-end server (which is the only one able to check
the identity of the client). The goal in this setting is to achieve
both transparency and security for the client. And to achieve these
goals, the most appropriate choices seem to be to keep the
client's password private ---even from the back-end server--- and
to use threshold-based cryptography. In this paper, we present the
Threshold Password-based Authenticated Key Exchange (GTPAKE) system:
GTPAKE uses a pair of public/private keys and, unlike
traditional threshold-based constructions, shares only the private
key among the servers. The system does no require any
certification ---except during the registration and update of clients'
passwords--- since clients do not use the public-key to
authenticate to the gateway. Clients only need to have their
password in hand. In addition to client security, this paper also
presents highly-desirable security properties such
as server password protection against dishonest gateways
and key privacy against curious authentication servers.
Keywords:
Threshold Protocols, Password-based Authentication.
Reference: Proceedings of the Asiacrypt 2005 Conference, India, Dec 4-8, 2005.
Full paper: PostScript,. PDF.
Presentation: PDF.
Related papers:
M. Abdalla, O.Chevassut and D. Pointcheval, "One-time Verifier-based Encrypted Key Exchange", Proceedings of the International Workshop on Practice and Theory in Public Key Cryptography (PKC), Switzerland, Feb 23-26, 2005.
E. Bresson, O.Chevassut and D. Pointcheval, "New Security Results on Encrypted Key Exchange", Proceedings of the International Workshop on Practice and Theory in Public Key Cryptography (PKC), Singapore, March 1-4, 2004.
[an error occurred while processing this directive]