Password-Authenticated Key Exchange based on RSA

MPhil Thesis Defence


Title: "Password-Authenticated Key Exchange based on RSA"

By

Miss Abir Jmaiel Ep Louati


Abstract

Key agreement protocol is an information security technique that allows two or 
more entities to agree upon a secret key and use it over a non-secure channel 
for pri- vate communication and authentication. Key agreement protocol was rst 
presented in 1976 by W. Di e and M. Hellman [1] and has become the most 
well-known tech- nique used. A password-based authenticated key exchange (PAKE) 
is a type of key agreement which enables two parties to mutual authenticate 
basing solely on human memorable passwords.

Normally cryptographic keys were the only way to ensure the authentication 
part, those long-term keys require adding a cryptographic device to store them, 
therefore substitute keys with password seems to be much more convenient. 
Besides, such protocol is able to avoid using the public key infrastructure 
(PKI), accordingly, PAKE gained a lot of importance during the past few years, 
nevertheless, the design of a PAKE protocol is harder due to the low entropy 
passwords. At the beginning of this thesis we start by introducing some 
mathematical tools which are compulsory to the design and understanding 
protocols. Then, we present some of the most studied authenticated key 
agreement protocols found in the literature. Furthermore, we specically analyze 
password-based authenticated key exchange protocols SNAPI, PEKEP, RSA-EPAKE 
which are all based on RSA, the evaluation of those protocols show that SNAPI 
and PEKEP are computationally ine cient, while Youn [2] has proved that 
RSA-EPAKE is vulnerable to the separation attack.

At the end we propose two new PAKE protocols based on RSA, the rst one is for a 
tripartite setting and the second is for the group setting. The security 
analysis and the e ciency analysis show that our new protocols can resist all 
known attacks.

Keywords: Three Party Authenticated Key Establishment, Authentication, 
Cryptography, Key Exchange Protocols, RSA based Authentication.


Date:			Wednesday, 16 March 2016

Time:			10:00am - 12:00noon

Venue:			Room 3494
 			Lifts 25/26

Committee Members:	Prof. Cunsheng Ding (Supervisor)
 			Dr. Wei Wang (Chairperson)
 			Dr. Maosheng Xiong (MATH)


**** ALL are Welcome ****