Sciweavers

IJNSEC
2008

Proof of Forward Security for Password-based Authenticated Key Exchange

13 years 11 months ago
Proof of Forward Security for Password-based Authenticated Key Exchange
Recently, M. Abdalla et al. proposed a slightly different variant of AuthA, based on the scheme proposed by E. Bresson et al., and provided the first complete proof of forward-secrecy for AuthA. They claimed that under the Gap Diffie-Hellman assumption the variant of AuthA was forward-secure in the random-oracle model. In this paper, we present an active attack to reveal a previously unpublished flaw in their proof. To fix their proof, we have to introduce one more variant Diffie-Hellman assumption. If so, we found the scheme proposed by E. Bresson et al. could be proved forward secure as well. Since the proposal of E. Bresson et al. is simpler for implementation in practice, we only provided the rigorous proof of forward security for it.
Shuhua Wu, Yuefei Zhu
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2008
Where IJNSEC
Authors Shuhua Wu, Yuefei Zhu
Comments (0)