Paper 2007/469

ID-Based Group Password-Authenticated Key Exchange

Xun Yi, Raylin Tso, and Eiji Okamoto

Abstract

Password-authenticated key exchange (PAKE) protocols are designed to be secure even when the secret key used for authentication is a human-memorable password. In this paper, we consider PAKE protocols in the group scenario, in which a group of clients, each of them shares a password with an ``honest but curious'' server, intend to establish a common secret key (i.e., a group key) with the help of the server. In this setting, the key established is known to the clients only and no one else, including the server. Each client needs to remember passwords only while the server keeps passwords in addition to private keys related to his identity. Towards our goal, we present a compiler that transforms any group key exchange (KE) protocol secure against a passive eavesdropping to a group PAKE which is secure against an active adversary who controls all communication in the network. This compiler is built on any group KE protocol (e.g., the Burmester-Desmedt protocol), any identity-based encryption (IBE) scheme (e.g., Gentry's scheme), and any identity-based signature (IBS) scheme (e.g., Paterson-Schuldt scheme). It adds only two rounds and $O(1)$ communication (per client) to the original group KE protocol. As long as the underlying group KE protocol, IBE scheme and an IBS scheme have provably security without random oracles, a group PAKE constructed by our compiler can be proven to be secure without random oracles.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. An old version of the protocol was presented on NIST IBE Workshop 2008.
Keywords
Group key agreementprotocol compilerpassword-authenticated key exchangecommon reference model.
Contact author(s)
Xun Yi @ vu edu au
History
2008-12-04: revised
2007-12-19: received
See all versions
Short URL
https://ia.cr/2007/469
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/469,
      author = {Xun Yi and Raylin Tso and Eiji Okamoto},
      title = {ID-Based Group Password-Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2007/469},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/469}},
      url = {https://eprint.iacr.org/2007/469}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.