Secure ID-Based Two-Server Based Password-Authenticated Key Exchange

Authors(2) :-M. Vijaya Kanth, Dr. D. Vasumathi

Password Authenticated Key Exchange (PAKE) protocols enable two entities to agree on a common session key based on a pre-shared human memorable password. The main security goal of these protocols is providing security against password guessing attacks. In this setting, all the passwords necessary to authenticate clients are stored in a single server. If the server is compromised, due to, for example, hacking or even insider attacks, passwords stored in the server are all disclosed. In Existing the researchers consider a two-server password-authenticated key exchange (PAKE) protocol. In two-server PAKE protocol, a client splits its password and stores two shares of its password in the two servers, respectively, and the two servers then cooperate to authenticate the client without knowing the password of the client. In case one server is compromised by an adversary, the password of the client is required to remain secure. But both two servers are compromised by an adversary, the password is not secure. To tackle this problem, we proposed ID-Based Multi-Server Password-Authenticated Key Exchange Protocol. In this thesis, we present two compilers that transform any two-party PAKE protocol to a multi-server PAKE protocol on the basis of the identity-based cryptography, called ID Based Multi-server PAKE protocol. By the compilers, we can construct ID Based Multi-server PAKE protocols which achieve implicit authentication. As long as the underlying two-party PAKE protocol and identity-based encryption or signature scheme have provable security without random oracles, the ID Based Multi-server PAKE protocols constructed by the compilers can be proven to be secure without random oracles.

Authors and Affiliations

M. Vijaya Kanth
M.Tech, (Ph.D), Department of CSE, JNTUA College of Engineering, Ananthapuramu, Andhra Pradesh, India
Dr. D. Vasumathi
M.Tech, (Ph.D), Department of CSE, JNTUH collage of Engineering, Kukatpally, Hyderabad, Telangana, India

Password-authenticated key exchange, identity-based encryption and signature, Diffie-Hellman key exchange, decisional Diffie-Hellman problem.

  1. M. Abdalla, P. A. Fouque, and D. Point cheval ,’Password-based authenticated key exchange in the three-party setting’. In Proc. PKC’05, pages 65-84,2005.
  2. M. Bellare, D. Pointcheval, and P. Rogaway, 'Authen ticated key exchange secure against dictionary attacks’. In Proc. Eurocrypt’00, pages 139-155, 2000.
  3. S. M. Bellovin and M. Merritt, 'Encrypted key exchange: Passwordbased protocol secure against dictionary attack’. In Proc. 1992 IEEE Symposium on Research in Security and Privacy, pages 72-84, 1992.
  4. J. Bender, M. Fischlin, and D. Kugler, 'Security analysis of the PACE key-agreement protocol’, In Proc. ISC’09, pages 33-48, 2009.
  5. D. Boneh and M. Franklin, 'Identity based encryption from the Weil pairing’. In Proc. Crypto’01, pages 213-229, 2001.
  6. V. Boyko, P. Mackenzie, and S. Patel, 'Provably secure passwordauthenticated key exchange using Diffie-Hellman’ In Proc. Eurocrypt’00, pages 156-171, 2000.
  7. J. Brainard, A. Juels, B. Kaliski, and M. Szydlo, 'Nightingale: A new two-server approach for authentication with short secrets’ InProc. 12th USENIX Security Symp., pages 201-213, 2003.
  8. E. Bresson, O. Chevassut, and D. Pointcheval, 'Security proofs for an efficient password-based key exchange’ In Proc. CCS’03, pages 241-250, 2003.
  9. E. Bresson, O. Chevassut, and D. Pointcheval ,’ New security results on encrypted key exchange’, In Proc. PKC’04, pages 145-158, 2004.

Publication Details

Published in : Volume 3 | Issue 1 | January-February 2018
Date of Publication : 2018-02-28
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 589-592
Manuscript Number : CSEIT11831124
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

M. Vijaya Kanth, Dr. D. Vasumathi , "Secure ID-Based Two-Server Based Password-Authenticated Key Exchange", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 3, Issue 1, pp.589-592, January-February-2018.
Journal URL :

Article Preview

Follow Us

Contact Us