Analysis of two pairing-based three-party password authenticated key exchange protocols

Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Nam et al. showed that a provably secure three-party password-based authenticated key exchange protocol using Weil pairing by Wen et al. is vulnerable to a man-in-the-middle attack. In doing so, Nam et al. showed the flaws in the proof of Wen et al. and described how to fix the problem so that their attack no longer works. In this paper, we show that both Wen et al. and Nam et al. variants fall to key compromise impersonation by any adversary. Our results underline the fact that although the provable security approach is necessary to designing PAKEs, gaps still exist between what can be proven and what are really secure in practice

Analysis of Two Pairing-Based Three-Party Password Authenticated Key Exchange Protocols

Password-Authenticated Key Exchange (PAKE) protocols allow parties to share secret keys in an authentic manner based on an easily memorizable password. Recently, Nam et al. showed that a provably secure three-party password-based authenticated key exchange protocol using Weil pairing by Wen et al. is vulnerable to a man-in-the-middle attack. In doing so, Nam et al. showed the flaws in the proof of Wen et al. and described how to fix the problem so that their attack no longer works. In this paper, we show that both Wen et al. and Nam et al. variants fall to key compromise impersonation by any adversary. Our results underline the fact that although the provable security approach is necessary to designing PAKEs, gaps still exist between what can be proven and what are really secure in practice

Key exchange with the help of a public ledger

Blockchains and other public ledger structures promise a new way to create globally consistent event logs and other records. We make use of this consistency property to detect and prevent man-in-the-middle attacks in a key exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates an inconsistency in the world views of the two honest parties, and they can detect it with the help of the ledger. Thus, there is no need for prior knowledge or trusted third parties apart from the distributed ledger. To prevent impersonation attacks, we require user interaction. It appears that, in some applications, the required user interaction is reduced in comparison to other user-assisted key-exchange protocols

Sufficient condition for ephemeral key-leakage resilient tripartite key exchange

17th Australasian Conference on Information Security and Privacy, ACISP 2012; Wollongong, NSW; Australia; 9 July 2012 through 11 July 2012Tripartite (Diffie-Hellman) Key Exchange (3KE), introduced by Joux (ANTS-IV 2000), represents today the only known class of group key exchange protocols, in which computation of unauthenticated session keys requires one round and proceeds with minimal computation and communication overhead. The first one-round authenticated 3KE version that preserved the unique efficiency properties of the original protocol and strengthened its security towards resilience against leakage of ephemeral (session-dependent) secrets was proposed recently by Manulis, Suzuki, and Ustaoglu (ICISC 2009). In this work we explore sufficient conditions for building such protocols. We define a set of admissible polynomials and show how their construction generically implies 3KE protocols with the desired security and efficiency properties. Our result generalizes the previous 3KE protocol and gives rise to many new authenticated constructions, all of which enjoy forward secrecy and resilience to ephemeral key-leakage under the gap Bilinear Diffie-Hellman assumption in the random oracle model. © 2012 Springer-Verlag

PACCE -A Real Genuine Key Swap over Protocols

A Secure protocols for password-based user authentication unit well-studied among the crypto logical literature but have did not see wide-spread adoption on the internet; most proposals up to presently want full modifications to the Transport Layer Security (TLS) protocol, making preparation onerous. Recently many traditional styles square measure projected among that a cryptographically secure countersign-based mutual authentication protocol is run among a confidential (but not primarily authenticated) channel like TLS; the countersign protocol is sure to the established channel to forestall active attacks. Such protocols unit helpful in apply for a ramification of reasons: ability to validate server certificates and can all told likelihood be enforced with no modifications to the secure channel protocol library. It offers a scientific study of such authentication protocols. Building on recent advances in modelling TLS, we've associate inclination to provide a correct definition of the meant security goal, that we've associate inclination to decision password-authenticated and confidential channel institution (PACCE). we've associate inclination to imply generically that combining a secure channel protocol, like TLS, Our prototypes supported TLS unit accessible as a cross-platform client-side Firefox browser extension furthermore as associate golem application and a server-side internet application which will simply be place in on servers