Presentation is loading. Please wait.

Presentation is loading. Please wait.

The PAK proposal for sacred WG Alec Brusilovsky

Published byShavonne Hubbard Modified over 9 years ago

Similar presentations

Presentation on theme: "The PAK proposal for sacred WG Alec Brusilovsky"— Presentation transcript:

1 The PAK proposal for sacred WG Alec Brusilovsky abrusilovsky@lucent.com

2 Wednesday, August 3, 2005 2 Sacred WG IETF 63, Paris, France Wish list  Mutual authentication based on just a pre-shared, human-memorizable password.  Fulfillment of the need to guard against a man-in-the- middle and against offline dictionary attack.  Simplicity and openness, to promote widespread adoption and to minimize flaws.  PAK (Password Authenticated Key exchange) –satisfies all of the above –is proposed as a new work item for sacred

3 Wednesday, August 3, 2005 3 Sacred WG IETF 63, Paris, France Why PAK?  Provides strong key exchange with weak passwords  Foils the man-in-the-middle attack  Provides explicit mutual authentication

4 Wednesday, August 3, 2005 4 Sacred WG IETF 63, Paris, France Diffie-Hellman Key Exchange (1976) a refresher Alice Bob Global public: x and y – primes y < x Alice’s Key generation: Select private Ra; Ra < x Calculate public y Ra mod x Bob’s Key generation: Select private Rb; Rb < x Calculate public y Ra mod x Alice’s Key = Bob’s Key (y Ra ) Rb mod x = (y Rb ) Ra mod x K=(y Rb ) Ra mod xK=(y Ra ) Rb mod x y Ra mod x y Rb mod x

5 Wednesday, August 3, 2005 5 Sacred WG IETF 63, Paris, France PAK – an extension of the Diffie-Hellman Key Exchange Alice Bob Global public: x and y – primes, y < x K=(y Rb ) Ra mod xK=(y Ra ) Rb mod x y Ra mod x y Rb mod x K=HASH’’(PW, y Rb*Ra mod x ) HASH(PW) * y Ra mod x HASH’(PW) * y Rb mod x Alice and Bob share password PW

6 Wednesday, August 3, 2005 6 Sacred WG IETF 63, Paris, France PAK – Password Authenticated Key Exchange Protocol (details omitted) Alice Bob K=HASH(3,PW, y RbRa mod x)K=HASH(3,PW, y RaRb mod x) HASH(PW) * (y Ra mod x) HASH(PW) * (y Rb mod x), S 1 Alice and Bob share password PW S2S2 S 2 = HASH(2, PW, y Rb mod x, y Ra mod x, y RaRb mod x) S 1 = HASH(1, PW, y Ra mod x, y Rb mod x, y RaRb mod x) K=HASH(3,PW, y RbRa mod x) K=HASH(3,PW, y RaRb mod x)

7 Wednesday, August 3, 2005 7 Sacred WG IETF 63, Paris, France Plan9 – implementation of PAK  Plan 9 is distributed in an open source manner: http://plan9.bell-labs.com/plan9dist/license.html  The particular algorithm used in Plan 9 is PAK. PAK is a seemingly obvious tweak to Diffie-Hellman  To download plan 9 go to: http://plan9.bell-labs.com/plan9dist/download.html

8 Thank you Alec Brusilovsky abrusilovsky@lucent.com

Download ppt "The PAK proposal for sacred WG Alec Brusilovsky"

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.

Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.
Password-based Credentials Download Protocols Radia Perlman

Password-based Credentials Download Protocols Radia Perlman
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.

Digital Signatures Good properties of hand-written signatures: 1. Signature is authentic. 2. Signature is unforgeable. 3. Signature is not reusable (it.
An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.

1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.

Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

Similar presentations

Ads by Google