About Validity Checks of Augmented PAKE in IEEE 1363.2 and ISO/IEC 11770-4

SeongHan SHIN  Kazukuni KOBARA  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E97-A   No.1   pp.413-417
Publication Date: 2014/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E97.A.413
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Cryptography and Information Security
PAKE,  on-line/off-line dictionary attacks,  augmented PAKE,  IEEE 1363.2,  ISO/IEC 11770-4,  validity checks,  

Full Text: PDF(103.7KB)
>>Buy this Article

An augmented PAKE (Password-Authenticated Key Exchange) protocol provides password-only authentication in the presence of an attacker, establishment of session keys between the involving parties, and extra protection for server compromise (i.e., exposure of password verification data). Among many augmented PAKE protocols, AMP variants (AMP2 [16] and AMP+ [15]) have been standardized in IEEE 1363.2 [9] and ISO/IEC 11770-4 [10]. In this paper, we thoroughly investigate APKAS-AMP (based on AMP2 [16]) and KAM3 (based on AMP+ [15]) which require several validity checks on the values, received and computed by the parties, when using a secure prime. After showing some attacks on APKAS-AMP and KAM3, we suggest new sanity checks that are clear and sufficient to prevent an attacker from doing these attacks.