[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting

  • Conference paper
Agent and Multi-Agent Systems: Technologies and Applications (KES-AMSTA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4496))

  • 785 Accesses

Abstract

Agent technology is emerging as a new software paradigm in the areas of distributed computing. The use of multiple agents is a common technique in agent-based systems. In distributed agent systems, it is often required for two agents to communicate securely over a public network. Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. There have been many protocols proposed over the years for password authenticated key exchange in the three-party scenario, in which two agents attempt to establish a secret key interacting with one same authentication server. However, little has been done for password authenticated key exchange in the more general and realistic four-party setting, where two clients (or, two agents) trying to establish a secret key are registered with different authentication servers. In this paper, we propose a new protocol designed carefully for four-party password authenticated key exchange that requires each agent only to remember a password shared with its authentication server.

This work was supported by the Korean Ministry of Information and Communication under the Information Technology Research Center (ITRC) support program supervised by the Institute of Information Technology Assessment (IITA).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abdalla, M., Fouque, P.-A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 65–84. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.-J.: Provably authenticated group Diffie-Hellman key exchange. In: Proceedings of the 8th ACM conference on Computer and Communications Security (CCS 2001), pp. 255–264 (2001)

    Google Scholar 

  3. Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  5. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proc. ACM CCS 1993, pp. 62–73 (1993)

    Google Scholar 

  6. Boyko, V., MacKenzie, P.D., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Diffie, W., Oorschot, P., Wiener, M.: Authentication and authenticated key exchanges. Designs, Codes, and Cryptography 2(2), 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  8. Ding, Y., Horster, P.: Undectectable on-line password guessing attacks. ACM SIGOPS Operating Systems Review 29(4), 77–86 (1995)

    Article  Google Scholar 

  9. Dolev, D., Dwork, C., Naor, M.: Nonmalleable cryptography. SIAM Journal on Computing 30(2), 391–437 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  10. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)

    Article  MathSciNet  MATH  Google Scholar 

  11. Gong, L., Lomas, M.-L., Needham, R.-M., Saltzer, J.-H.: Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Areas in Communications 11(5), 648–656 (1993)

    Article  Google Scholar 

  12. Jiang, S., Gong, G.: Password based key exchange with mutual authentication. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 267–279. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  13. Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  14. Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 284–299. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  15. Kohl, J.-T., Neumanm, B.-C.: The Kerberos Network Authentication Service, Version 5 Revision 5. Project Athena, Massachusetts Institute of Technology (1992)

    Google Scholar 

  16. Lin, C.-L., Sun, H.-M., Hwang, T.: Three-party encrypted key exchange: attacks and a solution. ACM SIGOPS Operating Systems Review 34(4), 12–20 (2000)

    Article  Google Scholar 

  17. Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: A block-cipher mode of operation for efficient authenticated encryption. In: Proc. ACM CCS 2001, pp. 196–205 (2001)

    Google Scholar 

  18. Steiner, M., Tsudik, G., Waidner, M.: Refinement and extension of encrpyted key exchange. ACM SIGOPS Operating Systems Review 29(3), 22–30 (1995)

    Article  Google Scholar 

  19. Zhang, M.: New approaches to password authenticated key exchange based on RSA. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 230–244. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Sungkyunkwan University, Korea

    Youngsook Lee & Dongho Won

  2. Department of Computer Science, Konkuk University, Korea

    Junghyun Nam

  3. Department of Information Security, Soonchunhyang University, Korea

    Jin Kwak

Authors
  1. Youngsook Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Junghyun Nam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jin Kwak
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongho Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Ngoc Thanh Nguyen Adam Grzech Robert J. Howlett Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, Y., Nam, J., Kwak, J., Won, D. (2007). Password-Only Authenticated Key Exchange Between Two Agents in the Four-Party Setting. In: Nguyen, N.T., Grzech, A., Howlett, R.J., Jain, L.C. (eds) Agent and Multi-Agent Systems: Technologies and Applications. KES-AMSTA 2007. Lecture Notes in Computer Science(), vol 4496. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72830-6_64

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-72830-6_64

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-72829-0

  • Online ISBN: 978-3-540-72830-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation