Sciweavers

ACNS
2005
Springer

Two-Server Password-Only Authenticated Key Exchange

13 years 9 months ago
Two-Server Password-Only Authenticated Key Exchange
Typical protocols for password-based authentication assume a single server which stores all the information (e.g., the password) necessary to authenticate a user. Unfortunately, an inherent limitation of this approach (assuming low-entropy passwords are used) is that the user’s password is exposed if this server is ever compromised. To address this issue, it has been suggested to share a user’s password information among multiple servers, and to have these servers cooperate (possibly in a threshold manner) when the user wants to authenticate. We show here a two-server version of the password-based key-exchange protocol of Katz, Ostrovsky, and Yung (the KOY protocol). Our work gives the first provably-secure two-server protocol for the password-only setting (in which the user need remember only a password, and not the servers’ public keys), and is the first two-server protocol (in any setting) with a proof of security in the standard model. Our work thus fills a gap left by th...
Jonathan Katz, Philip D. MacKenzie, Gelareh Taban,
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where ACNS
Authors Jonathan Katz, Philip D. MacKenzie, Gelareh Taban, Virgil D. Gligor
Comments (0)