Leakage-Resilient Password-Based Authenticated Key Exchange | SpringerLink

Leakage-Resilient Password-Based Authenticated Key Exchange

  • Conference paper
Algorithms and Architectures for Parallel Processing (ICA3PP 2017)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 10393))

  • 2439 Accesses

Abstract

Password-based authenticated key exchange (PAKE) protocols are among the most practical cryptographic primitives: no additional device is required, only a short human-memorable password. There is a large body of work on PAKE protocols. All of these protocols were proven secure in the traditional model, but they can be completely insecure in the presence of side-channel attacks. In many practical applications, such as the Internet of Things, PAKE systems are highly vulnerable to side-channel attacks, where a very small leakage may completely expose the whole password. It is therefore important to model and design leakage-resilient (LR) PAKE protocols. However, there is no prior work on modelling and constructing LR PAKE protocols. In this paper, we first formalize the LR eCK security model for PAKE, then propose a continuous after-the-fact LR eCK-secure PAKE protocol based on a key derivation function, leakage-resilient storage (LRS) and leakage-resilient refreshing of LRS, and give a formal security proof in the standard model.



Acknowledgement

The work was supported by the Educational Commission of Hubei Province of China (No. D20151401) and the Green Industry Technology Leading Project of Hubei University of Technology (No. ZZTS2017006).

Author information


Corresponding author

Correspondence to Ou Ruan.


Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Ruan, O., Zhang, M., Chen, J. (2017). Leakage-Resilient Password-Based Authenticated Key Exchange. In: Ibrahim, S., Choo, KK., Yan, Z., Pedrycz, W. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2017. Lecture Notes in Computer Science(), vol 10393. Springer, Cham. https://doi.org/10.1007/978-3-319-65482-9_19


  • DOI: https://doi.org/10.1007/978-3-319-65482-9_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-65481-2

  • Online ISBN: 978-3-319-65482-9

  • eBook Packages: Computer Science (R0)
