Password-authenticated two-party key exchange with long-term security

Date Issued:
2012
Summary:
In the design of two-party key exchange it is common to rely on a Diffie-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of finite fields, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specified number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter ℓ.
Title: Password-authenticated two-party key exchange with long-term security.
Name(s): Gao, WeiZheng.
Charles E. Schmidt College of Science
Department of Mathematical Sciences
Type of Resource: text
Genre: Electronic Thesis Or Dissertation
Date Issued: 2012
Publisher: Florida Atlantic University
Physical Form: electronic
Extent: viii, 53 p. : ill.
Language(s): English
Identifier: 794505799 (oclc), 3342105 (digitool), FADT3342105 (IID), fau:3859 (fedora)
Note(s): by WeiZheng Gao.
Thesis (Ph.D.)--Florida Atlantic University, 2012.
Includes bibliography.
Electronic reproduction. Boca Raton, Fla., 2012. Mode of access: World Wide Web.
Subject(s): Data encryption (Computer science)
Computer networks (Security measures)
Software protection
Computers -- Access control -- Passwords
Persistent Link to This Record: http://purl.flvc.org/FAU/3342105
Use and Reproduction: http://rightsstatements.org/vocab/InC/1.0/
Host Institution: FAU