Filters








12 Hits in 2.1 sec

fficient and Provably Secure Generic Construction of Client-to-Client Password-Based Key Exchange Protocol

Zhoujun Li, Hua Guo, Xiyong Zhang
2008 Electronical Notes in Theoretical Computer Science  
In this paper, we present an efficient generic construction for cross-realm C2C-PAKE protocols and prove its security in the Random-or-Real model due to Abdalla et al., without making use of the Random  ...  Recently, Byun et al. and Yin-Li respectively proposed first provably secure C2C-PAKE protocols.  ...  In Section 2, we describe our generic construction for the cross-realm C2C-PAKE protocols.  ... 
doi:10.1016/j.entcs.2008.04.066 fatcat:w55luhws35bpbmxejqqrxiknve

Password-Authenticated Key Exchange between Clients with Different Passwords [chapter]

Jin Wook Byun, Ik Rae Jeong, Dong Hoon Lee, Chang-Seop Park
2002 Lecture Notes in Computer Science  
Two secure C2C-PAKE schemes are suggested, one in a cross-realm setting and the other in a single-server setting.  ...  provides a password-authenticated key exchange between clients based only on their two different passwords without any pre-shared secret, so called Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE  ...  Security Analysis of C2C-PAKE in a Cross-Realm Setting: We show that C2C-PAKE in a cross-realm setting resists against all the well-known attacks.  ... 
doi:10.1007/3-540-36159-6_12 fatcat:sl7v4mbvnbarxahb7snsdqskri

Cryptanalysis of Some Client-to-Client Password-Authenticated Key Exchange Protocols

Tianjie Cao, Tao Quan, Bo Zhang
2009 Journal of Networks  
Recently, Kwon and Lee proposed four C2C-PAKE protocols in the three-party setting, and Zhu et al. proposed a C2C-PAKE protocol in the cross-realm setting.  ...  Server-compromise impersonation resilience is another desirable security property for a C2C-PAKE protocol.  ...  Recently, Kwon and Lee proposed four C2C-PAKE protocols in the threeparty setting, and Zhu et al. proposed a C2C-PAKE protocol in the cross-realm setting.  ... 
doi:10.4304/jnw.4.4.263-270 fatcat:hhxrooazmngevdssdgysb6tdti

Cryptanalysis of two password-authenticated key exchange protocols between clients with different passwords

Tianjie Cao, Yongping Zhang
2007 International Mathematical Forum  
For enhancing the efficiency and preventing various attacks, Wang and Mo proposed a three-PAKE protocol, Yoon and Yoo proposed a C2C-PAKE protocol.  ...  However, in this paper, we show that the Wang-Mo protocol and the Yoon-Yoo protocol exist impersonation attack.  ...  Acknowledgments This work was supported by the Science and Technology Foundation of CUMT and the Open Project of State Key Laboratory of Information Security.  ... 
doi:10.12988/imf.2007.07047 fatcat:qbvlqftsv5ectirwyxm5tn34rm

A Provably Password Authenticated Key Exchange Scheme Based on Chaotic Maps in Different Realm

Hongfeng Zhu, Yifeng Zhang, Yan Zhang
2016 International Journal of Network Security  
So, in our paper, we firstly propose a provable secure twoparty in two-realm key agreement protocol using chaotic maps in the standard model.  ...  Our proposed protocol is more general and it is easy to expand to many other forms, such as three-party or N-party in different realms.  ...  Byun et al. first pro-posed a Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) in the cross-realm setting where two clients are in two different realms and hence two servers involved [2  ... 
dblp:journals/ijnsec/ZhuZZ16 fatcat:6xgxg4mcvneqtkadqtvfwyfzay

Cross-domain password-based authenticated key exchange revisited

Liqun Chen, Hoon Wei Lim, Guomin Yang
2013 2013 Proceedings IEEE INFOCOM  
secure 4PAKE protocol.  ...  We revisit the problem of cross-domain secure communication between two users belonging to different security domains within an open and distributed environment.  ...  Similarly, designing a secure C2C-PAKE protocol seems to be a non-trivial task at all. Most of the C2C-PAKE protocols found in the literature have security flaws.  ... 
doi:10.1109/infcom.2013.6566895 dblp:conf/infocom/ChenLY13 fatcat:yxhacnm7xrb5tdtxcouwlmxlim

Cross-Domain Password-Based Authenticated Key Exchange Revisited

Liqun Chen, Hoon Wei Lim, Guomin Yang
2014 ACM Transactions on Privacy and Security  
secure 4PAKE protocol.  ...  We revisit the problem of cross-domain secure communication between two users belonging to different security domains within an open and distributed environment.  ...  Similarly, designing a secure C2C-PAKE protocol seems to be a non-trivial task at all. Most of the C2C-PAKE protocols found in the literature have security flaws.  ... 
doi:10.1145/2584681 fatcat:a6gnsscmw5gkhmn5xu3tdjanzu

Security analysis of J-PAKE

Mohsen Toorani
2014 2014 IEEE Symposium on Computers and Communications (ISCC)  
J-PAKE is a Password-Authenticated Key Exchange protocol, proposed in 2008 and presented again in 2010 and 2011. It does not require any public key infrastructure but uses zeroknowledge proofs.  ...  Since December 2010, J-PAKE has been used in Mozilla Firefox web browser.  ...  In the four-party setting (cross-realm C2C-PAKE), two clients have shared passwords with different servers, and they want to have a PAKE.  ... 
doi:10.1109/iscc.2014.6912576 dblp:conf/iscc/Toorani14 fatcat:kdpmryygivbvnkgz6rk3vxjhda

Security Protocols in a Nutshell [article]

Mohsen Toorani
2016 arXiv   pre-print
Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security  ...  It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of protocols.  ...  Several security models [263] and generic constructions [264] have been proposed for crossrealm C2C-PAKE protocols, and some cross-realm C2C-PAKE protocols with provable security have been shown to  ... 
arXiv:1605.09771v2 fatcat:mkbc3in6tvdo7madnvqaxogbfq

Key exchange protocol based on the private key

Tong Yi, Minyong Shi, Wenqian Shang
2015 Proceedings of the 2015 International Conference on Automation, Mechanical Control and Computational Engineering   unpublished
On the basis of the new 3pake, a cross-realm key exchange protocol (c2c-pake) will be also presented, the new c2c-pake only needs 3 rounds to make users generate a common session key without asymmetric  ...  At present, most existing key exchange protocols for three-party (3pake) are easily attacked by server key disclosure, dictionary attack and so on.  ...  And the new three-party key exchange protocol can be expanded into a crossrealm key exchange protocol, different from the existing c2c-pake [5] [6] [7] , the new c2c-pake uses hash algorithm instead  ... 
doi:10.2991/amcce-15.2015.6 fatcat:2brewvmavbclxotrlz6yxndsmm

Online) International Journal of Network Security is published both in traditional paper form (ISSN 1816-353X) and in Internet

Min-Shiang Hwang, Shu-Fen Chiou, Chia-Chun Wu, Cheng-Yi Yang, Ajith Abraham, Korea, Wael Adi, Iqbal Sheikh, Ahamed, Vijay Atluri, Mauro Barni, Andrew Blyth (+36 others)
2016 unpublished
Byun et al. first pro-posed a Client-to-Client Password-Authenticated Key Exchange (C2C-PAKE) in the cross-realm setting where two clients are in two different realms and hence two servers involved [2  ...  [9] pointed out that the protocol was susceptible to Dening-Sacco attacks [6] , and they also proposed an improved C2C-PAKE protocol.  ...  routing protocols [2] .  ... 
fatcat:xjcy7wc2hzbhzl3bfxwniqvjhy

World Development Report, 2016: digital dividends

2016 ChoiceReviews  
TFP is estimated following the methodology of Olley and Pakes (1996).  ...  Estonia's X-Road framework integrates services from all parts of government as well as private or civil society groups according to protocols that govern data exchange and security standards. 34 ractically  ... 
doi:10.5860/choice.196952 fatcat:or474dtenvdkbawpeueb4daosu