Paper published in a book (Scientific congresses, symposiums and conference proceedings)
On Composability of Game-based Password Authenticated Key Exchange
SKROBOT, Marjan; LANCRENON, Jean
2018In SKROBOT, Marjan; Lancrenon, Jean (Eds.) 2018 IEEE European Symposium on Security and Privacy (EuroS&P)
Peer reviewed
 

Files


Full Text
Composition of PAKE.pdf
Publisher postprint (448.3 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
PAKE; Composability; Game-based; Passwords; Key Exchange; Authentication
Abstract :
[en] It is standard practice that the secret key derived from an execution of a Password Authenticated Key Exchange (PAKE) protocol is used to authenticate and encrypt some data payload using a Symmetric Key Protocol (SKP). Unfortunately, most PAKEs of practical interest are studied using so-called game-based models, which – unlike simulation models – do not guarantee secure composition per se. However, Brzuska et al. (CCS 2011) have shown that middle ground is possible in the case of authenticated key exchange that relies on Public- Key Infrastructure (PKI): the game-based models do provide secure composition guarantees when the class of higher-level applications is restricted to SKPs. The question that we pose in this paper is whether or not a similar result can be exhibited for PAKE. Our work answers this question positively. More specifically, we show that PAKE protocols secure according to the game-based Real-or-Random (RoR) definition with the weak forward secrecy of Abdalla et al. (S&P 2015) allow for safe composition with arbitrary, higher-level SKPs. Since there is evidence that most PAKEs secure in the Find-then-Guess (FtG) model are in fact secure according to RoR definition, we can conclude that nearly all provably secure PAKEs enjoy a certain degree of composition, one that at least covers the case of implementing secure channels.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Disciplines :
Computer science
Author, co-author :
SKROBOT, Marjan ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
LANCRENON, Jean ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
On Composability of Game-based Password Authenticated Key Exchange
Publication date :
April 2018
Event name :
2018 IEEE European Symposium on Security and Privacy (EuroS&P)
Event organizer :
IEEE
Event place :
London, United Kingdom
Event date :
April 24-26, 2018
Audience :
International
Main work title :
2018 IEEE European Symposium on Security and Privacy (EuroS&P)
Author, co-author :
SKROBOT, Marjan 
Lancrenon, Jean
Publisher :
IEEE, London, United Kingdom
ISBN/EAN :
978-1-5386-4228-3
Pages :
443-457
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
Name of the research project :
Atoms
Available on ORBilu :
since 08 August 2020

Statistics


Number of views
109 (28 by Unilu)
Number of downloads
201 (20 by Unilu)

Scopus citations®
 
4
Scopus citations®
without self-citations
2

Bibliography


Similar publications



Contact ORBilu