Research on Password-Authenticated Group Key Exchange

Learn more at: http://www.iacr.org
Transcript and Presenter's Notes

1
Research on Password-Authenticated Group Key Exchange
Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.)
Kouchi Sakurai (Kyushu Univ.)
March 5, 2006
2
Motivation
  • A fundamental problem in cryptography is how to
    communicate securely over an insecure channel.

3
Motivation
  • How can we obtain a secret session key?
    • Public-key encryption or signature
      • too high for certain applications
    • Password-Authenticated Key Exchange (PAKE)
      • PAKE allows specified parties to share a secret key
        using just a human-memorable password.
      • convenience, mobility, and lower hardware
        requirements
      • no security infrastructure

4
Classification of PAKE
5
Our research topic on PAKE
- Password-Authenticated Group Key Exchange (PAGKE) -
6
PAGKE Setting
  • A broadcast group consisting of a set of users
  • each user holds a low-entropy secret (pw)

Group with sk
7
Previous Works
  • Efficient Password-Based Group Key Exchange
    (Trust-Bus 04) - S. M. Lee, J. Y. Hwang, and D. H. Lee.
    • a provably secure constant-round PAGKE protocol
    • forward-secure and secure against known-key
      attacks
    • ideal-cipher and ideal-hash assumptions
  • Password-based Group Key Exchange in a Constant
    Number of Rounds (PKC 06) - Abdalla, E.
    Bresson, O. Chevassut, and D. Pointcheval.
    • a provably secure constant-round PAGKE protocol
    • secure against known-key attacks
    • ideal-cipher and ideal-hash assumptions

8
Our Goal
  • The focus of this work is to provide a
    provably-secure constant-round PAGKE protocol
    without using the random oracle model.

9
Preliminary for protocol
  • Public information
    • G: a finite cyclic group of order q
    • p: a safe prime such that p = 2q + 1
    • g1, g2: generators of G
    • H: a one-way hash function
    • F: a pseudorandom function family

10
Burmester and Desmedt's Protocol
[Figure: protocol diagram for users U1, U2, U3, U4 with labels R1 and R2]
M. Burmester and Y. Desmedt. A Secure and Efficient Conference Key Distribution System. In Proc. of EUROCRYPT 94.
11
Protocol
[Figure: protocol diagram for users U1, U2, U3, U4 with labels R1 and R2]
12
Security Measurement
  • Security theorem
  • where t is the maximum total game time
    including an adversary's running time, and an
    adversary makes q_ex execute-queries and q_se
    send-queries. n is the upper bound on the number
    of parties in the game, N_s is the upper bound
    on the number of sessions that an adversary
    makes, and PW is the size of the password space.
  • Under the intractability assumption of the DDH
    problem, and if F is a secure pseudorandom
    function family, the proposed protocol is secure
    against dictionary attacks and known-key attacks,
    and provides forward secrecy.

13
  • Thank you!

Jeong Ok Kwon (pitapat_at_korea.ac.kr)