Summary: The extended abstract of this work appears in . This is the full version.
Password-Based Authenticated Key Exchange
in the Three-Party Setting
Michel Abdalla Pierre-Alain Fouque David Pointcheval
Departement d'Informatique, ´Ecole normale sup´erieure
45 Rue d'Ulm, 75230 Paris Cedex 05, France
Password-based authenticated key exchange (PAKE) are protocols which are designed to
be secure even when the secret key used for authentication is a human-memorable password.
In this paper, we consider PAKE protocols in the three-party scenario, in which the users
trying to establish a common secret do not share a password between themselves but only
with a trusted server. Towards our goal, we recall some of the existing security notions
for PAKE protocols and introduce new ones that are more suitable to the case of generic
constructions of three-party protocols. We then present a natural generic construction of a
three-party PAKE protocol from any two-party PAKE protocol and prove its security. To
the best of our knowledge, the new protocol is the first provably-secure PAKE protocol in
the three-party setting.
Keywords: password, authenticated key exchange, key distribution, multi-party protocols.