Toggle Main Menu Toggle Search

Open Access padlockePrints

Password Authenticated Key Exchange by Juggling

Lookup NU author(s): Professor Feng Hao, Professor Peter Ryan



Password-Authenticated Key Exchange (PAKE) studies how to establish secure communication between two remote parties solely based on their shared password, without requiring a Public Key Infrastructure (PKI). Despite extensive research in the past decade, this problem remains unsolved. Patent has been one of the biggest brakes in deploying PAKE solutions in practice. Besides, even for the patented schemes like EKE and SPEKE, their security is only heuristic; researchers have reported some subtle but worrying security issues. In this paper, we propose to tackle this problem using an approach different from all past solutions. Our protocol, Password Authenticated Key Exchange by Juggling (J-PAKE), achieves mutual authentication in two steps: first, two parties send ephemeral public keys to each other; second, they encrypt the shared password by juggling the public keys in a verifiable way. The first use of such a juggling technique was seen in solving the Dining Cryptographers problem. Here, we apply it to solve the PAKE problem, and show that the protocol is zero-knowledge as it reveals nothing except one-bit information: whether the supplied passwords at two sides are the same. With clear advantages in security, our scheme has comparable efficiency to the EKE and SPEKE protocols.

Publication metadata

Author(s): Hao F, Ryan PYA

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2008

Pages: 15

Print publication date: 01/02/2008

Source Publication Date: February 2008

Report Number: 1073

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne