Presentation is loading. Please wait.

Presentation is loading. Please wait.

TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.

Published byMichael Doyle Modified over 10 years ago

Similar presentations

Presentation on theme: "TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu."— Presentation transcript:

1 TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu Univ.) March 5, 2006

2 A fundamental problem in cryptography is how to communicate securely over an insecure channel. Motivation sk data privacy/integrity

3 How can we obtain a secret session key? Public-key encryption or signature –too high for certain applications Password-Authenticated Key Exchange (PAKE) –PAKE allows to share a secret key between specified parties using just a human-memorable password. –convenience, mobility, and less hardware requirement –no security infrastructure Motivation

4 Classification of PAKE

5 Our research topic on PAKE - Password-Authenticated Group Key Exchange (PAGKE) -

6 Group with sk PAGKE : Setting A broadcast group consisting of a set of users –each user holds a low-entropy secret (pw) pw

7 Previous Works Efficient Password-Based Group Key Exchange (Trust-Bus 04) - S. M. Lee, J. Y. Hwang, and D. H. Lee. –a provably secure constant-round PAGKE protocol –forward-secure and secure against known-key attacks –ideal-cipher and ideal-hash assumptions Password-based Group Key Exchange in a Constant Number of Rounds (PKC 06) - Abdalla, E. Bresson, O. Chevassut, and D. Pointcheval. –a provably secure constant-round PAGKE protocol –secure against known-key attacks –ideal-cipher and ideal-hash assumptions

8 Our Goal The focus of this work is to provide a provably-secure constant-round PAGKE protocol without using the random oracle model.

9 Preliminary for protocol Public information –G : a finite cyclic group has order q –p : a safe prime such that p=2q+1 –g 1,g 2 : generators of G –H : a one-way hash function –F : a pseudo random function family

10 Burmester and Desmedts Protocol U1U1 U2U2 U3U3 U4U4 R1R1 R2R2 M. Burmester and Y. Desmedt. A Secure and Efficient Conference Key Distribution System, In Proc. of EUROCRYPT 94.

11 Protocol U1U1 U2U2 U3U3 U4U4 R1R1 R2R2

12 Security Measurement Security theorem where t is the maximum total game time including an adversarys running time, and an adversary makes q ex execute-queries, q se send-queries. n is the upper bound of the number of the parties in the game, N s is the upper bound of the number of sessions that an adversary makes, PW is the size of a password space. Under the intractability assumption of the DDH problem and if F is a secure pseudo random function family, the proposed protocol is secure against dictionary attacks and known-key attacks, and provides forward secrecy.

13 Thank you ! Jeong Ok Kwon (pitapat@korea.ac.kr)

Download ppt "TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu."

Similar presentations

1 Password-based authenticated key exchange Ravi Sandhu.

1 Password-based authenticated key exchange Ravi Sandhu.
Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.

Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.
Course summary COS 433: Crptography -Spring 2010 Boaz Barak.

Course summary COS 433: Crptography -Spring 2010 Boaz Barak.
Pairwise Key Agreement in Broadcasting Networks - 2005.11.11 - Ik Rae Jeong.

Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.

Su Youn Lee, Su Mi Lee and Dong Hoon Lee Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos

CS457 – Introduction to Information Systems Security Cryptography 1b Elias Athanasopoulos
1 Vipul Goyal Abhishek Jain Rafail Ostrovsky Silas Richelson Ivan Visconti Microsoft Research India MIT and BU UCLA University of Salerno, Italy Constant.

1 Vipul Goyal Abhishek Jain Rafail Ostrovsky Silas Richelson Ivan Visconti Microsoft Research India MIT and BU UCLA University of Salerno, Italy Constant.
Modeling Insider Attacks on Group Key Exchange Protocols Jonathan Katz Ji Sun Shin University of Maryland.

Modeling Insider Attacks on Group Key Exchange Protocols Jonathan Katz Ji Sun Shin University of Maryland.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Cross-Realm Password-Based Server Aided Key Exchange Source: WISA 2010, LNCS 6513, pp. 322–336, 2011(0) Author: Kazuki Yoneyama Presenter: Li-Tzu Chang.

Cross-Realm Password-Based Server Aided Key Exchange Source: WISA 2010, LNCS 6513, pp. 322–336, 2011(0) Author: Kazuki Yoneyama Presenter: Li-Tzu Chang.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

Similar presentations

Ads by Google