Hide/Show Apps

On password-based authenticated key exchange (PAKE) protocols.

Tonga, Meryem
Authentication and key agreement protocols play an important role in today’s digital world. Key agreement methods mostly mimic Diffie-Hellman key exchange protocol, but unfortunately they are susceptible to man-in-the-middle attacks. Password based authenticated key exchange (PAKE) protocols promise to handle these key agreement and authentication without requiring existence of certificate authorities or trusted third parties. More importantly, PAKE protocols enable agreement on low-entropy passwords rather than high-entropy cryptographic keys shared by only involved parties. Even if PAKE protocols are not widely used in practice, they are already included in IEFT (RFC), ISO security standards and TLS cryptographic suite. In this thesis, by following these recent developments, we first present these PAKE protocols in three forms, namely balanced PAKE protocols, augmented PAKE protocols and password authenticated key retrieval (PAKR) protocols and within both single and multi server settings. Particularly, we revisit EKE, SPEKE, PAK, PPK, J-PAKE, SPAKE, SESPAKE balanced, and SRP, AugPAKE, OPAQUE, B-SPEKE augmented protocols. Then, we summarize security attacks to these protocols. Afterwards, detailed explanations of the attacks against these protocols are given. We further present current state of the art for PAKE protocols. Finally, we draw attention to possible extensions for PAKE protocols and state currently open questions about the subject.