Doctoral thesis (Dissertations and theses)
PROVABLE SECURITY ANALYSIS FOR THE PASSWORD AUTHENTICATED KEY EXCHANGE PROBLEM
Lopez Becerra, José Miguel
2019

Files
Full Text: joseBecerraPhD.pdf, author postprint (1.15 MB)
Annexes: josePhDpresentation.pdf, thesis presentation (3.29 MB)

Details



Keywords :
provable security; password-based authenticated key-exchange; passwords; computational model; forward secrecy; tight reductions
Abstract :
Password-based Authenticated Key-Exchange (PAKE) protocols allow the establishment of secure communications even though a human-memorable password is the only secret previously shared between the participants. More than 25 years after the initial proposal, the PAKE problem remains an active area of research, probably because of the vast number of passwords deployed on the Internet: password-based authentication still constitutes the most widely used method for user authentication. In this thesis, we take the computational-complexity approach to improve the current understanding of the security provided by previously proposed PAKE protocols and their corresponding security models. We expect this work to contribute to the standardization, adoption and more efficient implementation of the considered protocols. Our first contribution concerns forward secrecy for the SPAKE2 protocol of Abdalla and Pointcheval (CT-RSA 2005). We prove that SPAKE2 satisfies the notion of weak forward secrecy. Furthermore, we show that adding key-confirmation codes to the original SPAKE2 yields a protocol that provably satisfies the stronger notion of perfect forward secrecy. As forward secrecy is an explicit requirement for cipher suites supported in the TLS handshake, we believe our results fill a gap in the literature and facilitate the adoption of SPAKE2 in the recently approved TLS 1.3. Our second contribution concerns tight security reductions for EKE-based protocols. We present a security reduction for the PAK protocol instantiated over Gap Diffie-Hellman groups that is tighter than previously known reductions, and we discuss the implications of our results for concrete security. Our proof is the first to show that the PAK protocol can provide meaningful security guarantees for parameter values typical in today's world. Finally, we study the relation between two well-known security models for PAKE protocols.
Security models for PAKEs aim to capture the security properties that such protocols must satisfy when executed in the presence of an adversary. They are usually classified as either i) indistinguishability-based (IND-based) or ii) simulation-based (SIM-based); however, controversy remains within the research community about which security model best reflects the capabilities an adversary is supposed to have in real-world scenarios. Furthermore, the relation between these two security notions is unclear and has been identified as a gap in the literature. We prove that SIM-BMP security from Boyko et al. (EUROCRYPT 2000) implies IND-RoR security from Abdalla et al. (PKC 2005), and that IND-RoR security is equivalent to a slightly modified version of SIM-BMP security. We also investigate whether IND-RoR security implies (unmodified) SIM-BMP security.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Disciplines :
Computer science
Author, co-author :
Lopez Becerra, José Miguel; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SnT)
Language :
English
Title :
PROVABLE SECURITY ANALYSIS FOR THE PASSWORD AUTHENTICATED KEY EXCHANGE PROBLEM
Defense date :
14 May 2019
Number of pages :
134
Institution :
Unilu - University of Luxembourg, Esch-Uelzecht, Luxembourg
Degree :
DOCTEUR DE L’UNIVERSITÉ DU LUXEMBOURG EN INFORMATIQUE
Jury member :
Abdalla, Michel
Kremer, Steve
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR8293135 - A Theory Of Matching Sessions, 2014 (01/05/2015-30/04/2018) - Peter Y. A. Ryan
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 20 May 2019