OSTI.GOV | U.S. Department of Energy
Office of Scientific and Technical Information

Title: Provably Secure Password-based Authentication in TLS

Abstract

In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password. The SOKE ciphersuites, in advantage over previous password-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.

Authors:
Abdalla, Michel; Emmanuel, Bresson; Chevassut, Olivier; Moeller, Bodo; Pointcheval, David
Publication Date:
2005-12-20
Research Org.:
Ernest Orlando Lawrence Berkeley National Laboratory, Berkeley, CA (US)
Sponsoring Org.:
USDOE. Office of Advanced Scientific Computing Research. Mathematical Information and Computing Sciences Division; European Commission. IST program Contract IST-2002-507932 ECRYPT
OSTI Identifier:
881394
Report Number(s):
LBNL-57609-Ext.-Abs.
R&D Project: KL0501; BnR: YN0100000; TRN: US200612%%827
DOE Contract Number:  
DE-AC02-05CH11231
Resource Type:
Conference
Resource Relation:
Conference: ACM Symposium on Information, Computer and Communications Security, Taipei, Taiwan, March 21-24, 2006
Country of Publication:
United States
Language:
English
Subject:
42 ENGINEERING; COMMUNICATIONS; COMPUTERS; DESIGN; DICTIONARIES; FLEXIBILITY; SECURITY; TRANSPORT

Citation Formats

Abdalla, Michel, Emmanuel, Bresson, Chevassut, Olivier, Moeller, Bodo, and Pointcheval, David. Provably Secure Password-based Authentication in TLS. United States: N. p., 2005. Web.
Abdalla, Michel, Emmanuel, Bresson, Chevassut, Olivier, Moeller, Bodo, & Pointcheval, David. Provably Secure Password-based Authentication in TLS. United States.
Abdalla, Michel, Emmanuel, Bresson, Chevassut, Olivier, Moeller, Bodo, and Pointcheval, David. 2005. "Provably Secure Password-based Authentication in TLS". United States. https://www.osti.gov/servlets/purl/881394.
@article{osti_881394,
title = {Provably Secure Password-based Authentication in TLS},
author = {Abdalla, Michel and Emmanuel, Bresson and Chevassut, Olivier and Moeller, Bodo and Pointcheval, David},
abstractNote = {In this paper, we show how to design an efficient, provably secure password-based authenticated key exchange mechanism specifically for the TLS (Transport Layer Security) protocol. The goal is to provide a technique that allows users to employ (short) passwords to securely identify themselves to servers. As our main contribution, we describe a new password-based technique for user authentication in TLS, called Simple Open Key Exchange (SOKE). Loosely speaking, the SOKE ciphersuites are unauthenticated Diffie-Hellman ciphersuites in which the client's Diffie-Hellman ephemeral public value is encrypted using a simple mask generation function. The mask is simply a constant value raised to the power of (a hash of) the password. The SOKE ciphersuites, in advantage over previous password-based authentication ciphersuites for TLS, combine the following features. First, SOKE has formal security arguments; the proof of security based on the computational Diffie-Hellman assumption is in the random oracle model, and holds for concurrent executions and for arbitrarily large password dictionaries. Second, SOKE is computationally efficient; in particular, it only needs operations in a sufficiently large prime-order subgroup for its Diffie-Hellman computations (no safe primes). Third, SOKE provides good protocol flexibility because the user identity and password are only required once a SOKE ciphersuite has actually been negotiated, and after the server has sent a server identity.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2005},
month = {Dec}
}
