Toggle Main Menu Toggle Search

Open Access padlockePrints

J-PAKE: Authenticated Key Exchange Without PKI

Lookup NU author(s): Professor Feng Hao, Professor Peter Ryan

Downloads


Abstract

Password Authenticated Key Exchange (PAKE) is one of theimportant topics in cryptography. It aims to address apractical security problem: how to establish securecommunication between two parties solely based on a sharedpassword without requiring a Public Key Infrastructure (PKI).After more than a decade of extensive research in this field,there have been several PAKE protocols available. The EKE andSPEKE schemes are perhaps the two most notable examples. Bothtechniques are however patented. In this paper, we review thesetechniques in detail and summarize various theoretical andpractical weaknesses. In addition, we present a new PAKEsolution called J-PAKE. Our strategy is to depend onwell-established primitives such as the Zero-Knowledge Proof(ZKP). So far, almost all of the past solutions have avoidedusing ZKP for the concern on efficiency. We demonstrate how toeffectively integrate the ZKP into the protocol design andmeanwhile achieve good efficiency. Our protocol has comparablecomputational efficiency to the EKE and SPEKE schemes withclear advantages on security.


Publication metadata

Author(s): Hao F, Ryan PYA

Editor(s): Gavrilova, M.L., Tan, C.J.K., Moreno, E.D.

Publication type: Book Chapter

Publication status: Published

Book Title: Transactions on Computational Science XI: Special Issue on Security in Computing, Part II

Year: 2010

Volume: 6480

Pages: 192-206

Series Title: Springer Transactions on Computational Science

Publisher: Springer

Place Published: Berlin; New York

URL: http://dx.doi.org/10.1007/978-3-642-17697-5_10

DOI: 10.1007/978-3-642-17697-5_10

Library holdings: Search Newcastle University Library for this item

ISBN: 9783642176968


Share