Browse by author
Lookup NU author(s): Professor Feng Hao
In a two-server password-authenticated key exchange (PAKE) protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the client is required to remain secure. In this paper, we present two compilers that transform any two-party PAKE protocol to a two-server PAKE protocol on the basis of the identity-based cryptography, called ID2S PAKE protocol. By the compilers, we can construct ID2S PAKE protocols which achieve implicit authentication. As long as the underlying two-party PAKE protocol and identity-based encryption or signature scheme have provable security without random oracles, the ID2S PAKE protocols constructed by the compilers can be proven to be secure without random oracles. Compared with the Katz et al.'s two-server PAKE protocol with provable security without random oracles, our ID2S PAKE protocol can save from 22 to 66 percent of computation in each server.
Author(s): Yi X, Rao FY, Tari Z, Hao F, Bertino E, Khalil I, Zomaya AY
Publication type: Article
Publication status: Published
Journal: IEEE Transactions on Computers
Year: 2016
Volume: 65
Issue: 12
Pages: 3687-3701
Online publication date: 10/04/2016
Acceptance date: 01/04/2016
Date deposited: 14/05/2018
ISSN (print): 0018-9340
ISSN (electronic): 1557-9956
Publisher: IEEE
URL: http://dx.doi.org/10.1109/TC.2016.2553031
DOI: 10.1109/TC.2016.2553031
Altmetrics provided by Altmetric
