Universally Composable Relaxed Password Authenticated Key Exchange

Thumbnail Image
Date
2020
Authors
Manuel Barbosa
Xu,JY
Katz,J
Jarecki,S
Bradley,T
Abdalla,M
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Protocols for password authenticated key exchange (PAKE) allow two parties who share only a weak password to agree on a cryptographic key. We revisit the notion of PAKE in the universal composability (UC) framework, and propose a relaxation of the PAKE functionality of Canetti et al. that we call lazy-extraction PAKE (lePAKE). Our relaxation allows the ideal-world adversary to postpone its password guess until after a session is complete. We argue that this relaxed notion still provides meaningful security in the password-only setting. As our main result, we show that several PAKE protocols that were previously only proven secure with respect to a “game-based” definition of security can be shown to UC-realize the lePAKE functionality in the random-oracle model. These include SPEKE, SPAKE2, and TBPEKE, the most efficient PAKE schemes currently known. © International Association for Cryptologic Research 2020.
Description
Keywords
Citation