A Verifier-Based Password-Authenticated Key Exchange Using Tamper-Proof Hardware

摘要

Password-based authenticated key exchange (PAKE) allows two parties to compute a common secret key. PAKE offers the advantage of allowing two parties to pre-share only a password. However, when it is executed in a client-server environment, server corruption can expose the clients' passwords. To be resilient against server compromises, verifier-based authenticated key exchange (VPAKE) is proposed, as an augmented version of PAKE. Thus far, there are two known major VPAKE constructions formally proven secure. However, both involve strong assumptions, such as random oracles. In this paper, we propose a simple and efficient VPAKE using tamper-proof hardware without random oracles to support resilient infrastructures. In particular, we transform Katz-Vaikuntanathan one-round PAKE into two-round VPAKE so as to instill resilience to server compromises. We provide a formal definition of VPAKE using tamper-proof hardware and security proof without random oracles. Finally, we provide a performance analysis and comparisons to previous VPAKE and PAKE protocols. Our transformation supports an efficient VPAKE protocol with six group element communications when the underlying Katz-Vaikuntanathan PAKE is instantiated by Cramer-Shoup ciphertext following the proposal by Benhamouda et al.