Presentation is loading. Please wait.

Presentation is loading. Please wait.

IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management.

Published byTracey Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management."— Presentation transcript:

1 IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management Workshop November 1-2, 2001

2 November 1, 2001NIST Key Management Workshop2 What is IEEE P1363.2 ? “Standard Specifications for Public Key Cryptography: Password-based Techniques” “Standard Specifications for Public Key Cryptography: Password-based Techniques” Proposed IEEE standard Proposed IEEE standard Companion to IEEE Std 1363-2000 Companion to IEEE Std 1363-2000 Product of P1363 Working Group Product of P1363 Working Group Open standards process Open standards process

3 November 1, 2001NIST Key Management Workshop3 ScopeScope Password-based public-key techniques Password-based public-key techniques Supplemental to IEEE Std 1363-2000 Supplemental to IEEE Std 1363-2000 Primitives, schemes, and protocols Primitives, schemes, and protocols Key agreement, plus Key agreement, plus resistance to dictionary attack resistance to dictionary attack Tolerates or safely uses low-grade secrets Tolerates or safely uses low-grade secrets passwords, password-derived keys, etc. passwords, password-derived keys, etc.

4 November 1, 2001NIST Key Management Workshop4 Focus of P1363.2 Password-based public-key techniques Password-based public-key techniques balanced key agreement balanced key agreement augmented key agreement augmented key agreement key retrieval key retrieval Discrete log and elliptic curve families Discrete log and elliptic curve families Examples Examples AMP, AuthA, EKE, OKE, PAK, SNAPI, SPEKE, SRP,... AMP, AuthA, EKE, OKE, PAK, SNAPI, SPEKE, SRP,...

5 November 1, 2001NIST Key Management Workshop5 History of P1363.2 Password-based submissions to P1363 Password-based submissions to P1363 1996 through 2001 1996 through 2001 Work deferred to a P1363 supplement Work deferred to a P1363 supplement while Std 1363-2000 completed while Std 1363-2000 completed P1363.2 PAR approved P1363.2 PAR approved late 2000 late 2000 Latest draft Latest draft October 23, 2001 October 23, 2001

6 November 1, 2001NIST Key Management Workshop6 IEEE P1363 Supplements P1363a, P1363b P1363a, P1363b same goals and families as Std 1363-2000 same goals and families as Std 1363-2000 P1363.1: Lattice-based P1363.1: Lattice-based same goals -- different family same goals -- different family P1363.2: Password-based P1363.2: Password-based same families -- different goals same families -- different goals

7 November 1, 2001NIST Key Management Workshop7 Purpose of IEEE P1363.2 Reference for specification of techniques Reference for specification of techniques Provide theoretic background Provide theoretic background Discuss security and implementation issues Discuss security and implementation issues Does not mandate particular techniques or security requirements Does not mandate particular techniques or security requirements

8 November 1, 2001NIST Key Management Workshop8 RationaleRationale People are important entities People are important entities Passwords are important for personal authentication Passwords are important for personal authentication People have trouble with high-grade keys People have trouble with high-grade keys storage -- memorizing storage -- memorizing input -- attention to detail input -- attention to detail output-- typing output-- typing Need to standardize the best password techniques Need to standardize the best password techniques

9 November 1, 2001NIST Key Management Workshop9 BenefitsBenefits Mutual authentication Mutual authentication Person-to-machine, person-to-person,... Person-to-machine, person-to-person,... Authenticated key agreement Authenticated key agreement Authenticated key retrieval Authenticated key retrieval Safer handling of password-derived keys Safer handling of password-derived keys

10 November 1, 2001NIST Key Management Workshop10 Sample sections of draft Overview Overview Definitions, Concepts, Rationale Definitions, Concepts, Rationale Types of Techniques (primitives, schemes, protocols) Types of Techniques (primitives, schemes, protocols) Methods Based on Discrete Log & Elliptic Curve Problems Methods Based on Discrete Log & Elliptic Curve Problems Password-Authenticated Key Agreement Password-Authenticated Key Agreement Password-Authenticated Key Retrieval Password-Authenticated Key Retrieval Number-Theoretic Background Number-Theoretic Background Security Considerations Security Considerations References & Bibliography References & Bibliography

11 November 1, 2001NIST Key Management Workshop11 Example of a PKA Scheme Password-authenticated Key Agreement Scheme (PKAS) operation for each party: Password-authenticated Key Agreement Scheme (PKAS) operation for each party: Password (  )  PEPKGP  password-entangled public key (w) Password (  )  PEPKGP  password-entangled public key (w) Send w to other party Send w to other party Get password-entangled public key (w’) from other party Get password-entangled public key (w’) from other party ,w’  SVDP  agreed value z ,w’  SVDP  agreed value z

12 November 1, 2001NIST Key Management Workshop12 Example of a PKA Primitive Password-entangled Public Key Generation Primitive (PEPKGP) operation: Password-entangled Public Key Generation Primitive (PEPKGP) operation: Input: Input:  n password-derived mask group element  n password-derived mask group element sprivate key sprivate key gdomain parameter gdomain parameter Compute w = (g^s) *  n Compute w = (g^s) *  n Output: w Output: w

13 November 1, 2001NIST Key Management Workshop13 Summary of IEEE P1363.2 IEEE proposed standard -- work in progress IEEE proposed standard -- work in progress Reference for password-based public-key techniques Reference for password-based public-key techniques Solves important problems with human participants Solves important problems with human participants Fills a big gap in other standards Fills a big gap in other standards

14 November 1, 2001NIST Key Management Workshop14 For More Information IEEE P1363 Web site IEEE P1363 Web site http://grouper.ieee.org/groups/1363 http://grouper.ieee.org/groups/1363 publicly accessible research contributions and document submissions publicly accessible research contributions and document submissions Two mailing lists Two mailing lists general announcements list, low volume general announcements list, low volume technical discussion list, high volume technical discussion list, high volume everybody is welcome to subscribe everybody is welcome to subscribe web site contains subscription information web site contains subscription information

15 November 1, 2001NIST Key Management Workshop15 David Jablon Phoenix Technologies david_jablon@phoenix.com +1 508 898 9024 P1363 Working Group http://grouper.ieee.org/groups/1363/

Download ppt "IEEE P1363.2: Standard Specifications for Password-based Public-Key Cryptography David Jablon CTO Phoenix Technologies Treasurer, IEEE P1363 NIST Key Management."

Similar presentations

Revised 08/16/1999 IEEE P1363: Standard Specifications for Public-Key Cryptography Burt Kaliski Chair, IEEE P1363 August 17, 1999.

Revised 08/16/1999 IEEE P1363: Standard Specifications for Public-Key Cryptography Burt Kaliski Chair, IEEE P1363 August 17, 1999.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Key Establishment Schemes Workshop Document October 2001.

Key Establishment Schemes Workshop Document October 2001.
SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.

SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.
SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.

SPEKE S imple Password-authenticated Exponential Key Exchange Robert Mol Phoenix Technologies.
Cryptography and Network Security

Cryptography and Network Security
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Trustworthy User Interface Design: Dynamic Security Skins Rachna Dhamija and J.D. Tygar University of California, Berkeley TIPPI Workshop June 13, 2005.

Trustworthy User Interface Design: Dynamic Security Skins Rachna Dhamija and J.D. Tygar University of California, Berkeley TIPPI Workshop June 13, 2005.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
國立清華大學資訊工程系 資訊安全實驗室 孫宏民 博士 Phone: 03-5742968 Authenticated Key Exchange Protocols.

國立清華大學資訊工程系 資訊安全實驗室 孫宏民 博士 Phone: Authenticated Key Exchange Protocols.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.

Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.
Authentication System

Authentication System
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Similar presentations

Ads by Google