University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Cross-domain password-based authenticated key exchange revisited. ACM Transactions on Information and System Security

Chen, L, Lim, HW and Yang, G (2014) Cross-domain password-based authenticated key exchange revisited. ACM Transactions on Information and System Security ACM Transactions on Information and System Security (TISSEC), 16 (4).

Full text not available from this repository.

Abstract

We revisit the problem of secure cross-domain communication between two users belonging to different security domains within an open and distributed environment. Existing approaches presuppose that either the users are in possession of public key certificates issued by a trusted certificate authority (CA), or the associated domain authentication servers share a long-term secret key. In this article, we propose a generic framework for designing four-party password-based authenticated key exchange (4PAKE) protocols. Our framework takes a different approach from previous work. The users are not required to have public key certificates, but they simply reuse their login passwords, which they share with their respective domain authentication servers. On the other hand, the authentication servers, assumed to be part of a standard PKI, act as ephemeral CAs that certify some key materials that the users can subsequently use to exchange and agree on as a session key. Moreover, we adopt a compositional approach. That is, by treating any secure two-party password-based key exchange (2PAKE) protocol and two-party asymmetric-key/symmetric-key-based key exchange (2A/SAKE) protocol as black boxes, we combine them to obtain generic and provably secure 4PAKE protocols.

Item Type: Article
Subjects : Computing
Authors :
NameEmailORCID
Chen, Ll.chen@surrey.ac.ukUNSPECIFIED
Lim, HWUNSPECIFIEDUNSPECIFIED
Yang, GUNSPECIFIEDUNSPECIFIED
Date : April 2014
Identification Number : 10.1145/2584681
Copyright Disclaimer : © 2014 ACM
Uncontrolled Keywords : Computer-Communication Networks, Network Protocols, Password-based protocol, Key exchange, Cross-domain, Client-to-client
Depositing User : Symplectic Elements
Date Deposited : 16 May 2017 15:38
Last Modified : 18 May 2017 13:14
URI: http://epubs.surrey.ac.uk/id/eprint/821054

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year


Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800