
International Journal of Applied Mathematics and Computer Science

Journal of the University of Zielona Góra

IMPACT FACTOR 2018: 1.504
5-year IMPACT FACTOR: 1.553

CiteScore 2018: 2.09

SCImago Journal Rank (SJR) 2018: 0.493
Source Normalized Impact per Paper (SNIP) 2018: 1.361

Mathematical Citation Quotient (MCQ) 2018: 0.08

Open Access
Online ISSN: 2083-8492
Volume 29, Issue 4

Password–Authenticated Group Key Establishment from Smooth Projective Hash Functions

Jens-Matthias Bohli
  • Department of Information Technology Mannheim, University of Applied Sciences, Paul-Wittsack-Straße 10, 68163 Mannheim, Germany
/ María Isabel González Vasco
  • Corresponding author
  • Department of Applied Mathematics, Materials Science and Technology, and Electronic Engineering (MACIMTE), King Juan Carlos University, C/ Tulipán s/n, 28933 Móstoles, Madrid, Spain
/ Rainer Steinwandt
Published Online: 2019-12-31 | DOI: https://doi.org/10.2478/amcs-2019-0059

Abstract

Password-authenticated key exchange (PAKE) protocols allow users sharing a password to agree upon a high-entropy secret. Thus, they can be implemented without the complex infrastructures that typically involve public keys and certificates. In this paper, a provably secure password-authenticated protocol for group key establishment in the common reference string (CRS) model is presented. While prior constructions of group PAKE can be found in the literature, most of them rely on idealized assumptions, which we do not make here. Furthermore, our protocol is quite efficient, as regardless of the number of involved participants it can be implemented with only three communication rounds. We use a (by now classical) trick of Burmester and Desmedt for deriving group key exchange protocols using a two-party construction as the main building block. In our case, the two-party PAKE used as a base is a one-round protocol by Katz and Vaikuntanathan, which in turn builds upon a special kind of smooth projective hash functions (KV-SPHFs). Smooth projective hash functions (SPHFs) were first introduced by Cramer and Shoup (2002) as a valuable cryptographic primitive for deriving provably secure encryption schemes. These functions and their variants proved useful in many other scenarios. We use here as a main tool a very strong type of SPHF, introduced by Katz and Vaikuntanathan for building a one-round password-based two-party key exchange protocol. As evidenced by Ben Hamouda et al. (2013), KV-SPHFs can be instantiated on Cramer–Shoup ciphertexts, thus yielding very efficient (and pairing-free) constructions.

Keywords: group key exchange; password authentication; smooth projective hashing
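
A toy illustration of the smooth projective hashing idea the abstract relies on, added here and not taken from the paper. It assumes plain ElGamal commitments in a constructed 11-bit group rather than the Cramer–Shoup ciphertexts and KV-SPHFs the authors use; all function names and parameters are hypothetical.

```python
# Added example: toy SPHF over ElGamal commitments to a password.
# Parameters are constructed and far too small for any real use.
P, Q = 2039, 1019   # safe prime P = 2Q + 1; work in the subgroup of order Q
G, H = 4, 9         # two generators of that subgroup, standing in for the CRS

def commit(pw, r):
    """ElGamal commitment (G^r, H^r * G^pw); the randomness r is the witness."""
    return pow(G, r, P), pow(H, r, P) * pow(G, pw, P) % P

def proj_key(hk):
    """Projection key G^a * H^b, computed without seeing any ciphertext."""
    a, b = hk
    return pow(G, a, P) * pow(H, b, P) % P

def hash_with_hk(hk, c, pw):
    """Hash from the secret hashing key, a ciphertext and a password guess."""
    a, b = hk
    u, e = c
    v = e * pow(G, (-pw) % Q, P) % P   # strip the guessed password
    return pow(u, a, P) * pow(v, b, P) % P

def hash_with_witness(hp, r):
    """Same value, computed by the committer from hp and its randomness r."""
    return pow(hp, r, P)

def keys_matching(hp):
    """Every hashing key that projects to hp (brute force, toy group only)."""
    dlog = {pow(G, a, P): a for a in range(Q)}
    return [(dlog[hp * pow(H, (-b) % Q, P) % P], b) for b in range(Q)]

def hash_values(hp, c, pw):
    """Hash values taken over all hashing keys consistent with hp."""
    return {hash_with_hk(hk, c, pw) for hk in keys_matching(hp)}

if __name__ == "__main__":
    hk, r = (123, 456), 789            # constructed sample values
    hp, c = proj_key(hk), commit(42, r)
    # Projective: with the right password both sides derive the same value.
    print(hash_with_hk(hk, c, 42) == hash_with_witness(hp, r))
    # Smooth: with a wrong guess, hp leaves the hash completely undetermined.
    print(len(hash_values(hp, c, 42)), len(hash_values(hp, c, 43)))
```

With the correct password the hash is fixed by the projection key alone; with a wrong guess it ranges over the entire subgroup, so seeing the projection key gives an eavesdropper or a wrong guesser no information about it.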

References

  • Abdalla, M., Benhamouda, F. and MacKenzie, P. (2015). Security of the J-PAKE password-authenticated key exchange protocol, IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, pp. 571–587.

  • Abdalla, M., Bohli, J.-M., González Vasco, M.I. and Steinwandt, R. (2007). (Password) Authenticated key establishment: From 2-party to group, in S.P. Vadhan (Ed.), Theory of Cryptography Conference, TCC 2007, Lecture Notes in Computer Science, Vol. 4392, Springer, Berlin/Heidelberg, pp. 499–514.

  • Abdalla, M., Bresson, E., Chevassut, O. and Pointcheval, D. (2006). Password-based group key exchange in a constant number of rounds, in M. Yung et al. (Eds), Public Key Cryptography, PKC 2006, Lecture Notes in Computer Science, Vol. 3958, Springer, Berlin/Heidelberg, pp. 427–442.

  • Abdalla, M., Fouque, P.-A. and Pointcheval, D. (2005). Password-based authenticated key exchange in the three-party setting, in S. Vaudenay (Ed.), Public Key Cryptography, PKC 2005, Lecture Notes in Computer Science, Vol. 3386, Springer, Berlin/Heidelberg, pp. 65–84.

  • Abdalla, M., Fouque, P.-A. and Pointcheval, D. (2006). Password-based authenticated key exchange in the three-party setting, IEE Proceedings: Information Security 153(1): 27–39.

  • Abdalla, M. and Pointcheval, D. (2005). Simple password-based encrypted key exchange protocols, in A. Menezes (Ed.), Topics in Cryptology, CT-RSA 2005, Lecture Notes in Computer Science, Vol. 3376, Springer, Berlin/Heidelberg, pp. 191–208.

  • Abdalla, M. and Pointcheval, D. (2006). A scalable password-based group key exchange protocol in the standard model, in X. Lai and K. Chen (Eds), Proceedings of ASIACRYPT 2006, Lecture Notes in Computer Science, Vol. 4284, Springer, Berlin/Heidelberg, pp. 332–347.

  • Bellare, M., Canetti, R. and Krawczyk, H. (1998). A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract), 13th Annual ACM Symposium on the Theory of Computing, Dallas, TX, USA, pp. 419–428, DOI: 10.1145/276698.276854.

  • Bellare, M., Pointcheval, D. and Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks, in B. Preneel (Ed.), Advances in Cryptology, EUROCRYPT 2000, Lecture Notes in Computer Science, Vol. 1807, Springer, Berlin/Heidelberg, pp. 139–155.

  • Bellare, M. and Rogaway, P. (1994). Entity authentication and key distribution, in D.R. Stinson (Ed.), Advances in Cryptology, CRYPTO’93, Lecture Notes in Computer Science, Vol. 773, Springer, Berlin/Heidelberg, pp. 232–249.

  • Ben Hamouda, F., Blazy, O., Chevalier, C., Pointcheval, D. and Vergnaud, D. (2013). New smooth projective hash functions and one-round authenticated key exchange, IACR Cryptology ePrint Archive 2013: 34, http://eprint.iacr.org/2013/034.

  • Blake-Wilson, S. and Menezes, A. (1999). Authenticated Diffie–Hellman key agreement protocols, in S.E. Tavares and H. Meijer (Eds), Proceedings of the Selected Areas in Cryptography, SAC’98, Springer-Verlag, Berlin/Heidelberg, pp. 339–361.

  • Blazy, O. and Chevalier, C. (2015). Generic construction of UC-secure oblivious transfer, in T. Malkin et al. (Eds), Applied Cryptography and Network Security, Lecture Notes in Computer Science, Vol. 9092, Springer, Berlin/Heidelberg, pp. 65–86.

  • Bohli, J.-M., González Vasco, M.I. and Steinwandt, R. (2007). Secure group key establishment revisited, International Journal of Information Security 6(4): 243–254.

  • Bohli, J.-M., Vasco, M.I.G. and Steinwandt, R. (2018). Password-authenticated constant-round group key establishment from smooth projective hash functions, Cryptology ePrint Archive, Report 2006/214, http://eprint.iacr.org/2006/214.

  • Boyko, V., MacKenzie, P. and Patel, S. (2000). Provably secure password-authenticated key exchange using Diffie–Hellman, in B. Preneel (Ed.), Advances in Cryptology, EUROCRYPT 2000, Lecture Notes in Computer Science, Vol. 1807, Springer, Berlin/Heidelberg, pp. 156–171.

  • Bresson, E., Chevassut, O. and Pointcheval, D. (2002). Group Diffie–Hellman key exchange secure against dictionary attacks, in Y. Zheng (Ed.), Advances in Cryptology, Lecture Notes in Computer Science, Vol. 2501, Springer, Berlin/Heidelberg, pp. 497–514.

  • Burmester, M. and Desmedt, Y. (1995). A secure and efficient conference key distribution system, in A.D. Santis (Ed.), Advances in Cryptology, EUROCRYPT’94, Lecture Notes in Computer Science, Vol. 950, Springer, Berlin/Heidelberg, pp. 275–286.

  • Carter, L. and Wegman, M.N. (1977). Universal classes of hash functions (extended abstract), in J.E. Hopcroft et al. (Eds), Proceedings of the 9th Annual ACM Symposium on Theory of Computing, Boulder, CO, USA, pp. 106–112.

  • Cramer, R. and Shoup, V. (2002). Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption, in L. Knudsen (Ed.), Advances in Cryptology, EUROCRYPT 2002, Lecture Notes in Computer Science, Vol. 2332, Springer, Berlin/Heidelberg, pp. 45–64.

  • Dutta, R. and Barua, R. (2006). Password-based encrypted group key agreement, International Journal of Network Security 3(1): 23–34.

  • Gennaro, R. and Lindell, Y. (2003a). A framework for password-based authenticated key exchange, Cryptology ePrint Archive, Report 2003/032, http://eprint.iacr.org/2003/032.

  • Gennaro, R. and Lindell, Y. (2003b). A framework for password-based authenticated key exchange (extended abstract), in E. Biham (Ed.), Advances in Cryptology, EUROCRYPT 2003, Lecture Notes in Computer Science, Vol. 2656, Springer, Berlin/Heidelberg, pp. 524–543.

  • Gennaro, R. and Lindell, Y. (2006). A framework for password-based authenticated key exchange, ACM Transactions on Information and System Security 9(2): 181–234, DOI: 10.1145/1151414.1151418.

  • González Vasco, M.I., Martínez, C., Steinwandt, R. and Villar, J.L. (2005). A new Cramer-Shoup like methodology for group based provably secure schemes, in J. Kilian (Ed.), Proceedings of the 2nd Conference on Theory of Cryptography, TCC 2005, Lecture Notes in Computer Science, Vol. 3378, Springer, Berlin/Heidelberg, pp. 495–509.

  • Gorantla, M.C., Boyd, C., González Nieto, J.M. and Manulis, M. (2010). Generic one round group key exchange in the standard model, Information, Security and Cryptology, ICISC 2009, Lecture Notes in Computer Science, Vol. 5984, Springer, Berlin/Heidelberg, pp. 1–15.

  • Hwang, J.Y., Lee, S.-M. and Lee, D.H. (2004). Scalable key exchange transformation: From two-party to group, Electronic Letters 40(12): 728–729.

  • Kalai, Y.T. (2005). Smooth projective hashing and two-message oblivious transfer, in R. Cramer (Ed.), Advances in Cryptology, EUROCRYPT 2005, Lecture Notes in Computer Science, Vol. 3494, Springer, Berlin/Heidelberg, pp. 78–95.

  • Katz, J., Ostrovsky, R. and Yung, M. (2001). Efficient password-authenticated key exchange using human-memorable passwords, in B. Pfitzmann (Ed.), Advances in Cryptology, EUROCRYPT 2001, Lecture Notes in Computer Science, Vol. 2045, Springer, Berlin/Heidelberg, pp. 475–494.

  • Katz, J., Ostrovsky, R. and Yung, M. (2006). Efficient and secure authenticated key exchange using weak passwords, http://www.cs.umd.edu/~jkatz/papers/password.pdf.

  • Katz, J. and Shin, J.S. (2005). Modeling insider attacks on group key-exchange protocols, Cryptology ePrint Archive, Report 2005/163, http://eprint.iacr.org/2005/163.

  • Katz, J. and Vaikuntanathan, V. (2013). Round-optimal password-based authenticated key exchange, Journal of Cryptology 26(4): 714–743.

  • Katz, J. and Yung, M. (2007). Scalable protocols for authenticated group key exchange, Journal of Cryptology 20(1): 85–113.

  • Kurosawa, K. and Desmedt, Y. (2004). A new paradigm of hybrid encryption scheme, in M. Franklin (Ed.), Advances in Cryptology, CRYPTO 2004, Lecture Notes in Computer Science, Vol. 3152, Springer, Berlin/Heidelberg, pp. 426–442.

  • Mayer, A. and Yung, M. (1999). Secure protocol transformation via “Expansion”: From two-party to groups, Proceedings of the 6th ACM Conference on Computer and Communications Security, CCS’99, New York, NY, USA, pp. 83–92.

  • Nam, J., Paik, J. and Won, D. (2011). A security weakness in Abdalla et al.’s generic construction of a group key exchange protocol, Information Sciences 181(1): 234–238, DOI: 10.1016/j.ins.2010.09.011.

  • Shoup, V. (2006). An emerging standard for public-key encryption, ISO 18033-2, International Organization for Standardization, Geneva, http://www.shoup.net/iso/std6.pdf.

About the article

Received: 2018-11-01

Revised: 2019-03-04

Accepted: 2019-05-08

Published Online: 2019-12-31

Published in Print: 2019-12-01


Citation Information: International Journal of Applied Mathematics and Computer Science, Volume 29, Issue 4, Pages 797–815, ISSN (Online) 2083-8492, DOI: https://doi.org/10.2478/amcs-2019-0059.

© 2019 Jens-Matthias Bohli et al., published by Sciendo. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. BY-NC-ND 4.0