ISSN : 1796-203X
Volume : 1    Issue : 8    Date : December 2006

Password-authenticated Key Exchange using Efficient MACs
Maurizio A. Strangio
Page(s): 27-35
Full Text:
PDF (452 KB)

This paper is concerned with password authenticated key agreement protocols. Designing such
protocols represents an interesting challenge since there is no standard way of choosing a
password that achieves an optimum trade-off between usability and security. Indeed, passwords
belonging to a highly structured language are essentially equivalent to low entropy strings. A
fundamental goal is that of obtaining secure and efficient protocols, with optimum computational
complexity, round complexity and communication efficiency. These properties make them ideal
candidates for mobile devices. We present DH-BPAKE1 which is an improved version of the
protocol presented in previous work (DH-BPAKE). The construction builds upon the encrypted key
exchange protocol of Bellovin and Merritt augmented with a key confirmation round based on the
use of efficient message authentication codes. We discuss in detail the security properties of the
two efficient message authentication schemes which form the basic building blocks of the protocol.
In addition, we formally prove the security of protocol DH-BPAKE1 in a modified version of the model
of Boyko et al.

Index Terms
key agreement protocols, password based authentication, message authentication scheme