Cross-realm password-based server aided key exchange

Abstract

In this paper, we extend password-based server aided key exchange (PSAKE) to the cross-realm setting which two clients in two different realms with different passwords can exchange a session key through their corresponding servers, i.e., there are two servers. We cannot simply apply the previous security model of PSAKE to cross-realm setting because there is the difference between security properties which can be captured in the previous setting and in the new setting. Therefore, we define a new formal security model of cross-realm PSAKE. Our model captures all desirable security requirements, like resistance to leakage of ephemeral private keys, to key-compromise impersonation and to undetectable on-line dictionary attack. Furthermore, we propose a concrete construction of cross-realm PSAKE with the optimal number of rounds for a client, which is secure in the sense of our model. Our scheme assumes no pre-established secure channels between different realms unlike previous schemes, but just authenticated channels between different realms. © 2011 Springer-Verlag.