Password-authenticated key exchange (PAKE) for two-party allows a client and a server communicating over a public network to share a session key using a human-memorable password only. PAKE protocols can be served as basic building blocks for constructing secure, complex, and higher-level protocols which were initially built upon the Transport Layer Security (TLS) protocol. In this paper, we propose a provably-secure verifier-based PAKE protocol well suited with the TLS protocol which requires only a single round. The protocol is secure against attacks using compromised server's password file and known-key attacks, and provides forward secrecy, which is analyzed in the ideal hash model. This scheme matches the most efficient verifier-based PAKE protocol among those found in the literature. It is the first provably-secure one-round protocol for verifier-based PAKE in the two-party setting. © IFIP International Federation for Information Processing 2006.
CITATION STYLE
Kwon, J. O., Sakurai, K., & Lee, D. H. (2006). One-round protocol for two-party verifier-based password-authenticated key exchange. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4237 LNCS, pp. 87–96). Springer Verlag. https://doi.org/10.1007/11909033_8
Mendeley helps you to discover research relevant for your work.