[en] We study three-party, password-authenticated key exchange protocols where the trusted third party has a high-entropy private key to which corresponds a public key. In this scenario we can maintain the user-friendliness of password authentication while provably achieving security properties that ordinary password-authenticated key exchange protocols cannot, namely resistance against key compromise impersonation and a special form of internal state revealing. We define security models tailored to our case and illustrate our work with several protocols.
Interdisciplinary Centre for Security, Reliability and Trust
Fonds National de la Recherche - FnR
I2R-APS-PFN-11AFRT > UR APSIA AFR - Training allowance > > RYAN Peter