Abstract

Password-based authenticated key exchange (PAKE) protocols are among the most practical cryptographic primitives, since they require no additional device, just a short human-memorable password. There is a large body of work on PAKE protocols. All these protocols were proven secure in the traditional model, but could be completely insecure in the presence of side-channel attacks. In many practical applications such as the Internet of Things, PAKE systems are very vulnerable to side-channel attacks, where a very small leakage may completely expose the whole password. Therefore, it is very important to model and design leakage-resilient (LR) PAKE protocols. However, there is no prior work on modelling and constructing LR PAKE protocols. In this paper, we first formalize the LR eCK security model for PAKE, and then propose a continuous after-the-fact LR eCK-secure PAKE protocol based on a key derivation function, leakage-resilient storage (LRS) and leakage-resilient refreshing of LRS, and give a formal security proof in the standard model.
