Paper 2024/1057
Password-authenticated Key Exchange and Applications
Abstract
We analyse two password-authenticated key exchange protocols, a variant of CPace and a protocol related to the well-known SRP protocol. Our security results are tight. The first result gives us some information about trade-offs for design choices in CPace. The second result provides information about the security of SRP. Our analysis is done in a new game-based security definition for password-authenticated key exchange. Our definition accommodates arbitrary password sampling methodologies. Our definition also supports modular security analysis, which we illustrate by giving two example applications of password-authenticated key exchange: password-authenticated secure channels and password-authenticated device authorisation, capturing popular applications of passwords.
Note: This paper originated as teaching materials for a seminar on key exchange, but was eventually submitted and summarily rejected in 2023. Since then, some people have expressed an interest in the results, so I make it public in case someone finds it useful. This version is lightly edited relative to the 2023 submission, adopting most of the comments of the anonymous reviewers (with some omissions).
Metadata
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- password-authenticated key exchange, PAKE, CPace, SRP
- Contact author(s)
- kristian gjosteen @ ntnu no
- History
- 2024-06-30: approved
- 2024-06-28: received
- Short URL
- https://ia.cr/2024/1057
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/1057,
  author = {Kristian Gjøsteen},
  title = {Password-authenticated Key Exchange and Applications},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/1057},
  year = {2024},
  url = {https://eprint.iacr.org/2024/1057}
}