n PAKE+: a tree-based group password-authenticated key exchange protocol using different passwords

Author

Zhiguo WAN
Robert H. DENG, Singapore Management UniversityFollow
Feng Bao, Singapore Management UniversityFollow
Bart Preneel
Ming GU

Publication Type

Journal Article

Publication Date

1-2009

Abstract

Although two-party password-authenticated key exchange (PAKE) protocols have been intensively studied in recent years, group PAKE protocols have received little attention. In this paper, we propose a tree-based group PAKE protocol — nPAKE+ protocol under the setting where each party shares an independent password with a trusted server. The nPAKE+ protocol is a novel combination of the hierarchical key tree structure and the password-based Diffie-Hellman exchange, and hence it achieves substantial gain in computation efficiency. In particular, the computation cost for each client in our protocol is only O(log n). Additionally, the hierarchical feature of nPAKE+ enables every subgroup to obtain its own subgroup key in the end. We also prove the security of our protocol under the random oracle model and the ideal cipher model.

Keywords

security protocol, password-authenticated key exchange, group key agreement

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Journal of Computer Science and Technology

Volume

24

Issue

1

First Page

138

Last Page

151

ISSN

1000-9000

Identifier

10.1007/s11390-009-9207-6

Publisher

Springer Verlag

Citation

WAN, Zhiguo; DENG, Robert H.; Bao, Feng; Preneel, Bart; and GU, Ming. n PAKE+: a tree-based group password-authenticated key exchange protocol using different passwords. (2009). Journal of Computer Science and Technology. 24, (1), 138-151.
Available at: https://ink.library.smu.edu.sg/sis_research/755

Additional URL

http://dx.doi.org/10.1007/s11390-009-9207-6