|
|
Please login using the form on menu list.
It is required to login for Full-Text PDF.
|
Does Secure Password-Based Authenticated Key Exchange against Leakage of Internal States Exist?
Kazuki YONEYAMA
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences Vol.E92-A No.1 pp.113-121
Publication Date: 2009/01/01
Online ISSN: 1745-1337
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Secure Protocol
Keyword:
authenticated key exchange,
password,
leakage of static key,
leakage of ephemeral key,
3-party setting,
Full Text: PDF(216.9KB)
Summary:
In this paper, we raise a question about existence of secure password-based authenticated key exchange against leakage of internal states (i.e., the passwords and session-specific private information). Toward this question, first, we classify six models of adversary's capabilities about leakage. Next, as a result of considerations for 2-party PAKE, we find two negative answers, but also find a positive answer. More specifically, we show that there exists no scheme which is secure in strong leakage models, but we also show that there exists a scheme which is secure in weak leakage models. Also, we consider the case of 3-party setting which is a special setting of password-based authenticated key exchange, and we find similar impossibilities as 2-party setting.
|
|
