Lookup NU author(s): Dr Feng Hao,
Professor Peter Ryan
Password Authenticated Key Exchange (PAKE) is one of theimportant topics in cryptography. It aims to address apractical security problem: how to establish securecommunication between two parties solely based on a sharedpassword without requiring a Public Key Infrastructure (PKI).After more than a decade of extensive research in this field,there have been several PAKE protocols available. The EKE andSPEKE schemes are perhaps the two most notable examples. Bothtechniques are however patented. In this paper, we review thesetechniques in detail and summarize various theoretical andpractical weaknesses. In addition, we present a new PAKEsolution called J-PAKE. Our strategy is to depend onwell-established primitives such as the Zero-Knowledge Proof(ZKP). So far, almost all of the past solutions have avoidedusing ZKP for the concern on efficiency. We demonstrate how toeffectively integrate the ZKP into the protocol design andmeanwhile achieve good efficiency. Our protocol has comparablecomputational efficiency to the EKE and SPEKE schemes withclear advantages on security.
Author(s): Hao F, Ryan PYA
Editor(s): Gavrilova, M.L., Tan, C.J.K., Moreno, E.D.
Publication type: Book Chapter
Book Title: Transactions on Computational Science XI: Special Issue on Security in Computing, Part II
Series Title: Springer Transactions on Computational Science
Place Published: Berlin; New York
Library holdings: Search Newcastle University Library for this item