nPAKE+: A Hierarchical Group Password-Authenticated Key Exchange Protocol Using Different Passwords
Conference Proceeding Article
Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a hierarchical group PAKE protocol nPAKE+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(logn). Additionally, the hierarchical feature of nPAKE+ enables every subgroup obtains their own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.
Information Security and Trust; Software Systems
Information and Communications Security: 9th International Conference, ICICS 2007, Zhengzhou, China, December 12-15: Proceedings
City or Country
WAN, Zhiguo; DENG, Robert H.; Bao, Feng; and Preneel, Bart.
nPAKE+: A Hierarchical Group Password-Authenticated Key Exchange Protocol Using Different Passwords. (2007). Information and Communications Security: 9th International Conference, ICICS 2007, Zhengzhou, China, December 12-15: Proceedings. 4861, 31-43. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/400