Toggle Main Menu Toggle Search

Open Access padlockePrints

The Fairy-Ring Dance: Password Authenticated Key Exchange in a Group

Lookup NU author(s): Professor Feng Hao, Dr Siamak Fayyaz Shahandashti



In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic “fairy-ring dance” construction that transforms any secure two-party PAKE scheme to a group PAKE protocol while preserving the round efficiency in the optimal way. Based on this generic construction, we present two concrete instantiations based on using SPEKE and J-PAKE as the underlying PAKE primitives respectively. The first protocol, called SPEKE+, accomplishes authenticated key exchange in a group with explicit key confirmation in just two rounds. This is more round-efficient than any existing group PAKE protocols in the literature. The second protocol, called J-PAKE+, requires one more round than SPEKE+, but is computationally faster. Finally, we present full implementations of SPEKE+ and J-PAKE+ with detailed performance measurements. Our experiments suggest that both protocols are feasible for practical applications in which the group size may vary from three to several dozen. This makes them useful, as we believe, for a wide range of applications – e.g., to bootstrap secure communication among a group of smart devices in the Internet of Things (IoT).

Publication metadata

Author(s): Hao F, Xun Y, Liqun C, Shahandashti SF

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: 1st ACM Workshop on IoT Privacy, Trust and Security, ASIACCS IoTPTS’15

Year of Conference: 2015

Pages: 27-34

Online publication date: 14/04/2015

Acceptance date: 01/01/1900

Date deposited: 22/12/2015

ISSN: 9781450334495

Publisher: ACM


DOI: 10.1145/2732209.2732212