Abstract

This paper presents a new password authentication and key agreement protocol called AMP in a provable manner. The intrinsic problem with password authentication is a password, associated with each user, has low entropy so that (1) the password is hard to transmit securely over an insecure channel and (2) the password file is hard to protect. Our solution to this complex problem is the amplified password proof idea along with the amplified password file. A party commits the high entropy information and amplifies her password with that information in the amplified password proof. She never shows any information except that she knows it for her proof. Our amplified password proof idea is similar to the zero-knowledge proof in that sense. A server stores amplified verifiers in the amplified password file that is secure against a server file compromise and a dictionary attack. AMP mainly provides the passwordverifier based authentication and the Diffie-Hellman based key agreement, securely and efficiently. AMP is simple and actually the most efficient protocol among the related protocols. 1.

Citations

2292	New Directions in Cryptography - Diffie, Hellman - 1976
2057	Handbook of Applied Cryptography - Menezes, Oorschot, et al. - 1997
961	A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithm - ElGamal - 1985
388	Entity authentication and key distribution - Bellare, Rogaway - 1994
293	Encrypted key exchange: Password-based protocols secure against dictionary attacks - Bellovin, Merritt - 1992
262	Efficient Identification and Signatures for Smart Cards. CRYPTO - Schnorr - 1989
256	An improved algorithm for computing logarithms over GF (p) and its cryptographic significance - Pohlig, Hellman - 1978
252	Authenticated key exchange secure against dictionary attacks - Bellare, Pointcheval, et al. - 2000
221	Timestamps in key distribution protocols - Denning, Sacco - 1981
193	Monte Carlo methods for index computation (mod p - Pollard - 1978
193	A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract - Bellare, Canetti, et al. - 1998
155	The secure remote password protocol - Wu - 1998
142	Strong password-only authenticated key exchange - Jablon - 1996
131	Security mechanisms in high-level network protocols - VOYDOCK, KENT - 1983
125	Provably secure password authenticated key exchange using Diffie-Hellman - Boyko, MacKenzie, et al. - 2000
117	Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password le compromise - Bellovin, Merritt - 1994
107	Protecting poorly chosen secrets from guessing attacks - Gong, Lomas, et al. - 1993
94	H.: Public-key cryptography and password protocols - Halevi, Krawczyk - 1999
82	Message recovery for signature schemes based on the discrete logarithm problem - Nyberg - 1994
56	Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys - Lucks - 1997
56	A key recovery attack on discrete log-based schemes using a prime order subgroup - Lim, Lee - 1997
51	On Diffie-Hellman key agreement with short exponents - Oorschot, Wiener - 1996
51	Refinement and Extension of Encrypted Key Exchange - Steiner, Tsudik, et al. - 1995
49	Reducing Risks from Poorly Chosen Keys - Lomas, Gong, et al. - 1989
49	A real-world analysis of Kerberos password security,” presented at the Network and Distributed System Security Symp - Wu
42	The AuthA Protocol for Password-Based Authenticated Key Exchange - Bellare, Rogaway - 2000
37	Number-Theoretic Attacks on Secure Password Schemes - Patel - 1997
35	Optimal Authentication Protocols Resistant to Password Guessing Attacks - Gong - 1995
35	Extended Password Key Exchange Protocols Immune to Dictionary Attack - Jablon - 1997
30	Undetectable On-line Password Guessing Attacks - Ding, Horster - 1995
28	Public-Key Cryptography and Password Protocols: The Multi-User Case - Boyarsky - 1999
24	Secure password-based cipher suite for TLS - Steiner, Buhler, et al.
23	Fortifying key negotiation schemes with poorly chosen passwords - Anderson, Lomas - 1994
14	Hellman 1976, "New directions in cryptography - Diffie, E
14	Oorschot, S.Vanstone, Handbook of Applied Cryptography - Menezes
13	Secure sessions from weak secrets - Roe, Wheeler - 1998
13	Secure Network Authentication with Password Identification", contripution to IEEE P1363 working group - MacKenzie, Swaminathan - 1999
10	cient identi cation and signatures for smart cards - Schnorr - 1989
8	Ultimate solution to authentication via memorable password," Contribution to the IEEE P1363 study group for Future PKC Standards, available from http://grouper.ieee.org/groups/1363/StudyGroup/Passwd.html#amp - Kwon
7	Some remarks on protecting weak keys and poorlychosen secrets from guessing attacks - Tsudik - 1993
6	cient key exchange and authentication protocols protecting weak secrets - Kwon, Song - 1998
5	R.A.Rueppel, "Message recovery for signature scheme based on the discrete logarithm problem," Eurocrypt 94 - Nyberg - 1994
5	Renement and extension of encrypted key exchange - Steiner, Tsudik, et al. - 1995
4	Monte Carlo methods for index computation - Pollard - 1978
4	encrypted key exchange: apassword-based protocol secure against dictionary attacks and password- le compromise - Bellovin, Merritt - 1993
3	P.Lee, "A key recovery attack on discrete log-based schemes using a prime order subgroup," Crypto 97 - Lim - 1997
2	T.Lomas, "Fortifying key negotiation schemes with poorly chosen passwords - Anderson - 1994
2	H.Krawczyk, "A modular approach to the design and analysis of authentication and key exchange protocols - Bellare - 1998
2	J.Saltzer, "Protecting poorly chosen secrets from guessing attacks - Gong, Needham - 1993
2	H.Krawczyk, "Public-key cryptography and password protocols - Halevi - 1998