Abstract
Password-based authenticated key exchange (PAKE) consists of protocols which are designed to be secure even when the secret key used for authentication is a human-memorable password. In the article, the authors consider PAKE protocols in the 3-party scenario, in which the users trying to establish a common secret do not share a password between themselves but only with a trusted server. Towards their goal, the authors recall some of the existing security notions for PAKE protocols and introduce new ones that are more suitable to the case of generic constructions of 3-party protocols. The authors then present a natural generic construction of a 3-party PAKE protocol from any 2-party PAKE protocol and prove its security. To the best of the authors knowledge, the new protocol is the first provably secure PAKE protocol in the 3-party setting.
Submitted Version (
Free)
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call