Strong password-based authentication in TLS using the three-party group Diffie-Hellman protocol

This paper shows that the three-party group Diffie-Hellman key exchange can help protect against these attacks

Michel Abdalla

2007

Scholarcy highlights

  • An increasing number of distributed systems on the internet are using open source software
  • Widely fielded open source software products within their respective categories are the Linux operating system, the Apache web server, the Mozilla Firefox web browser, the OpenOffice.org office suite, the OpenSSL toolkit for secure communication over the internet and the Globus toolkit for building grid systems and applications over the internet
  • In this paper we argue that it is possible to develop Password-based Authenticated Key Exchange ciphersuites in Transport Layer Security that achieve strong security notions and were written in an attempt to be free from patent and licensing restrictions
  • Game G7: in this game, we exclude collisions on MAC keys for all the sessions in which the premaster secret PreMasterSecret has been derived with the private oracle Hash
  • We reject all the authenticators sent by the adversary for all the sessions in which the premaster secret PreMasterSecret has been derived with the private oracle Hash : Pr = 0
  • It is a first attempt at drafting provably secure Password-based Authenticated Key Exchange ciphersuites for Transport Layer Security that are believed to not infringe existing patents; further investigation would be needed before this technology can be used within the USA completely without fear of infringement
