Title: Password-based authenticated key distribution in the three-party setting with forward security

Authors: Shuhua Wu, Yuefei Zhu

Addresses: Department of Networks Engineering, Zhengzhou Information Science Technology Institute, 450002 Zhengzhou, He'nan, China. ' Department of Networks Engineering, Zhengzhou Information Science Technology Institute, 450002 Zhengzhou, He'nan, China

Abstract: Key establishment protocols are used for distributing shared keying material in a secure manner. In 1995, Bellare and Rogaway presented a three-party server-based key distribution (3PKD) protocol. But the protocol was recently found insecure and then was fixed by Choo et al. (2005b). But forward-secrecy is not considered in the revised protocol. In this paper, we demonstrate that it is not forward secure indeed. We then revise the protocol to be a password-based authenticated key distribution in the three-party setting and prove our protocol is forward secure in the random-oracle and ideal-cipher models under the password-based chosen-basis gap Diffie-Hellman assumption. Our protocol is quite simple and elegant, and rather efficient when compared to previous solutions.

Keywords: password authentication; key establishment; forward security; three-party; key distribution.

DOI: 10.1504/IJCNDS.2009.027601

International Journal of Communication Networks and Distributed Systems, 2009 Vol.3 No.4, pp.393 - 407

Published online: 03 Aug 2009 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article