[en] Password-based Authenticated Key-Exchange (PAKE) protocols allow users, who need only to share a password, to compute a high-entropy shared session key despite passwords being taken from a dictionary.
Security models for PAKE protocols aim to capture the desired security properties that such protocols must satisfy when executed in the presence of an active adversary.
They are usually classified into i) indistinguishability-based (IND-based) or ii) simulation-based (SIM-based).
The relation between these two security notions is unclear and mentioned as a gap in the literature.
In this work, we prove that SIM-BMP security from Boyko et al.~(EUROCRYPT 2000) implies IND-RoR security from Abdalla et al.~(PKC 2005) and that IND-RoR security implies a slightly modified version of SIM-BMP security. We also investigate whether IND-RoR security implies (unmodified) SIM-BMP security.
Disciplines :
Computer science
Author, co-author :
Lopez Becerra, José Miguel ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Iovino, Vincenzo ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Ostrev, Dimiter ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Skrobot, Marjan ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
On the Relation Between SIM and IND-RoR Security Models for PAKEs
Publication date :
2017
Event name :
SECRYPT 2017
Event place :
Madrid, Spain
Event date :
from 24-07-2017 to 26-07-2017
Audience :
International
Main work title :
Proceedings of the International Conference on Security and Cryptography
Publisher :
SCITEPRESS
Pages :
12
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR8293135 - A Theory Of Matching Sessions, 2014 (01/05/2015-30/04/2018) - Peter Y. A. Ryan
