TY - CONF T1 - A new framework for efficient password-based authenticated key exchange T2 - Proceedings of the 17th ACM conference on Computer and communications security Y1 - 2010 A1 - Groce,Adam A1 - Katz, Jonathan KW - exchange KW - key KW - password-based AB - Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts. To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction off ers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability (UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al. JA - Proceedings of the 17th ACM conference on Computer and communications security T3 - CCS '10 PB - ACM CY - New York, NY, USA SN - 978-1-4503-0245-6 UR - http://doi.acm.org/10.1145/1866307.1866365 M3 - 10.1145/1866307.1866365 ER -