J-PAKE: authenticated key exchange without PKI
Feng Hao,Peter Y. A. Ryan +1 more
- Vol. 11, pp 192-206
TLDR
This paper demonstrates how to effectively integrate the ZKP into the protocol design and meanwhile achieve good efficiency, and presents a new PAKE solution called J-PAKE, which has comparable computational efficiency to the EKE and SPEKE schemes with clear advantages on security.Abstract:
Password Authenticated Key Exchange (PAKE) is one of the important topics in cryptography. It aims to address a practical security problem: how to establish secure communication between two parties solely based on a shared password without requiring a Public Key Infrastructure (PKI). After more than a decade of extensive research in this field, there have been several PAKE protocols available. The EKE and SPEKE schemes are perhaps the two most notable examples. Both techniques are however patented. In this paper, we review these techniques in detail and summarize various theoretical and practical weaknesses. In addition, we present a new PAKE solution called J-PAKE. Our strategy is to depend on well-established primitives such as the Zero-Knowledge Proof (ZKP). So far, almost all of the past solutions have avoided using ZKP for the concern on efficiency. We demonstrate how to effectively integrate the ZKP into the protocol design and meanwhile achieve good efficiency. Our protocol has comparable computational efficiency to the EKE and SPEKE schemes with clear advantages on security.read more
Citations
More filters
Journal ArticleDOI
A Survey on Security Aspects for LTE and LTE-A Networks
TL;DR: An overview of the security functionality of the LTE and LTE-A networks and the security vulnerabilities existing in the architecture and the design are explored and the potential research issues for the future research works are shown.
Proceedings ArticleDOI
Security of the J-PAKE Password-Authenticated Key Exchange Protocol
TL;DR: The first proof of security for this protocol in a well-known and accepted model for authenticated key-exchange, that incorporates online and offline password guessing, concurrent sessions, forward secrecy, server compromise, and loss of session keys is presented.
Book ChapterDOI
Provably Secure Password Authenticated Key Exchange Based on RLWE for the Post-Quantum World
TL;DR: Two lattice-based PAKE protocols are constructed that rely on the Ring-Learning-with-Errors (RLWE) assumption, and exploit the additive structure of the underlying ring, and believe they are suitable quantum safe replacements for \(\mathsf {PAK}\) and \(\ mathsf {PPK}\).
Posted Content
Provably Secure Password Authenticated Key Exchange Based on RLWE for the Post-QuantumWorld.
TL;DR: In this article, the authors proposed two lattice-based password-authenticated key exchange (PAKE) protocols based on the ring-learning-with-errors (RLWE) assumption, and exploited the additive structure of the underlying ring.
Journal ArticleDOI
Network Architecture, Security Issues, and Hardware Implementation of a Home Area Network for Smart Grid
Sergio Saponara,Tony Bacchillone +1 more
TL;DR: Possible hardware-software architectures and implementations using COTS (Commercial Off The Shelf) components are presented for key building blocks of the energy HAN such as smart power meters and plugs and a home smart information box providing energy management policy and supporting user's energy awareness.
References
More filters
Book
Handbook of Applied Cryptography
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Proceedings ArticleDOI
How to play ANY mental game
TL;DR: This work presents a polynomial-time algorithm that, given as a input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no partial information, provided the majority of the players is honest.
Book
Cryptography: Theory and Practice
TL;DR: The object of the book is to produce a general, comprehensive textbook that treats all the essential core areas of cryptography.
Journal ArticleDOI
Efficient signature generation by smart cards
TL;DR: An efficient algorithm that preprocesses the exponentiation of a random residue modulo p is presented, which improves the ElGamal signature scheme in the speed of the procedures for the generation and the verification of signatures and also in the bit length of signatures.