Presentation | 2010-03-04 About Security of Threshold Anonymous Password-Authenticated Key Exchange SeongHan SHIN, Kazukuni KOBARA, Hideki IMAI, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | An anonymous password-authenticated key exchange protocol is designed to provide both password-only authentication and client anonymity against a semi-honest server, who honestly follows the protocol. In IN-DOCRYPT2008, Yang and Zhang [24] proposed a new anonymous PAKE (NAPAKE) protocol and its threshold (D-NAPAKE) which they claimed to be secure against insider attacks. In this paper, we first show that the D-NAPAKE protocol [24] is insecure against insider attacks unlike their claim. Specifically, only one legitimate client can freely impersonate any subgroup of clients (the threshold t > 1) to the server. Then, we propose a threshold anonymous PAKE (called, TAP^+) protocol which provides security against insider attacks. Moreover, we prove that the TAP+ protocol is AKE-secure against active attacks as well as insider attacks under the computational Diffie-Hellman problem, and provides client anonymity against a semi-honest server, who honestly follows the protocol. Finally, several discussions are followed: 1) We also show another threshold anonymous PAKE protocol by applying our RATIONALE to the (non-threshold) anonymous PAKE (VEAP) protocol [21]; and 2) We give the efficiency comparison and security consideration of the TAP+ protocol. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | password-authenticated key exchange / passwords / on-line/off-line dictionary attacks / anonymity / efficiency / provable security |
Paper # | IT2009-75,ISEC2009-83,WBS2009-54 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2010/2/25(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | ENG |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | About Security of Threshold Anonymous Password-Authenticated Key Exchange |
Sub Title (in English) | |
Keyword(1) | password-authenticated key exchange |
Keyword(2) | passwords |
Keyword(3) | on-line/off-line dictionary attacks |
Keyword(4) | anonymity |
Keyword(5) | efficiency |
Keyword(6) | provable security |
1st Author's Name | SeongHan SHIN |
1st Author's Affiliation | Research Center for Information Security, AIST() |
2nd Author's Name | Kazukuni KOBARA |
2nd Author's Affiliation | Research Center for Information Security, AIST |
3rd Author's Name | Hideki IMAI |
3rd Author's Affiliation | Research Center for Information Security, AIST:Chuo University |
Date | 2010-03-04 |
Paper # | IT2009-75,ISEC2009-83,WBS2009-54 |
Volume (vol) | vol.109 |
Number (no) | 445 |
Page | pp.pp.- |
#Pages | 8 |
Date of Issue |