Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack

Yukou Kobayashi; Naoto Yanai; Kazuki Yoneyama; Takashi Nishide; Goichiro Hanaoka; Kwangjo Kim; Eiji Okamoto

doi:10.5220/0005539300390052

Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack

Yukou Kobayashi, Naoto Yanai, Kazuki Yoneyama, Takashi Nishide, Goichiro Hanaoka, Kwangjo Kim, Eiji Okamoto

2015

Abstract

Password-based Authenticated Key Exchange (PAKE) allows a server to authenticate a user and to establish a session key shared between the server and the user just by having memorable passwords. In PAKE, conventionally the server is assumed to have the authentication functionality and also provide on-line services simultaneously. However, in the real-life applications, this may not be the case, and the authentication server may be separate from on-line service providers. In such a case, there is a problem that a malicious service provider with no authentication functionality may be able to guess the passwords by interacting with other participants repeatedly. Abdalla et al. put forward a notion of the server password protection security to deal with this problem. However, their proposed schemes turned out to be vulnerable to Undetectable On-line Dictionary Attack (UDonDA). To cope with this situation, we propose the Gateway Threshold PAKE provably secure against this password guessing attack by also taking the corruption of authentication servers into consideration.

Download

Paper Citation

in Harvard Style

Kobayashi Y., Yanai N., Yoneyama K., Nishide T., Hanaoka G., Kim K. and Okamoto E. (2015). Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 39-52. DOI: 10.5220/0005539300390052

in Bibtex Style

@conference{secrypt15,
author={Yukou Kobayashi and Naoto Yanai and Kazuki Yoneyama and Takashi Nishide and Goichiro Hanaoka and Kwangjo Kim and Eiji Okamoto},
title={Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={39-52},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005539300390052},
isbn={978-989-758-117-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Gateway Threshold Password-based Authenticated Key Exchange Secure against Undetectable On-line Dictionary Attack
SN - 978-989-758-117-5
AU - Kobayashi Y.
AU - Yanai N.
AU - Yoneyama K.
AU - Nishide T.
AU - Hanaoka G.
AU - Kim K.
AU - Okamoto E.
PY - 2015
SP - 39
EP - 52
DO - 10.5220/0005539300390052