Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
On password-based authenticated key exchange (PAKE) protocols.
Download
index.pdf
Date
2020
Author
Tonga, Meryem
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
261
views
411
downloads
Cite This
Authentication and key agreement protocols play an important role in today’s digital world. Key agreement methods mostly mimic Diffie-Hellman key exchange protocol, but unfortunately they are susceptible to man-in-the-middle attacks. Password based authenticated key exchange (PAKE) protocols promise to handle these key agreement and authentication without requiring existence of certificate authorities or trusted third parties. More importantly, PAKE protocols enable agreement on low-entropy passwords rather than high-entropy cryptographic keys shared by only involved parties. Even if PAKE protocols are not widely used in practice, they are already included in IEFT (RFC), ISO security standards and TLS cryptographic suite. In this thesis, by following these recent developments, we first present these PAKE protocols in three forms, namely balanced PAKE protocols, augmented PAKE protocols and password authenticated key retrieval (PAKR) protocols and within both single and multi server settings. Particularly, we revisit EKE, SPEKE, PAK, PPK, J-PAKE, SPAKE, SESPAKE balanced, and SRP, AugPAKE, OPAQUE, B-SPEKE augmented protocols. Then, we summarize security attacks to these protocols. Afterwards, detailed explanations of the attacks against these protocols are given. We further present current state of the art for PAKE protocols. Finally, we draw attention to possible extensions for PAKE protocols and state currently open questions about the subject.
Subject Keywords
Key agreement protocols (Computer network protocols).
,
Cryptography
,
Cryptographic protocols
,
Password-based Authenticated Key Exchange (PAKE) Protocols
,
Augmented PAKE
,
Balanced PAKE
,
PAKE Protocols analysis.
URI
http://etd.lib.metu.edu.tr/upload/12625449/index.pdf
https://hdl.handle.net/11511/45661
Collections
Graduate School of Applied Mathematics, Thesis
Suggestions
OpenMETU
Core
Security analysis of electronic signature applications and test suite study
Ergun, Tamer; Özbudak, Ferruh; Department of Cryptography (2013)
Digital signature technology is used widely for security and trust in electronic business and communications. Nowadays it becomes commonly used especially in government agencies. From this point of view, it is crucial to implement correct applications to create and verify digital signatures. CEN (European Commitee for Standardization) has introduced the security requirements for signature applications but neither proposed a PKI model nor implemented a test suite to evaluate the accuracy of signature applica...
A PUF-based lightweight group authentication and key distribution protocol
Yıldız, Hüsnü; Onur, Ertan; Department of Computer Engineering (2020-9)
Securing Internet of Things (IoT) applications that collect and transport sensitive data by guaranteeing authenticity, integrity, and confidentiality is a critical challenge. Reducing computation and communication overhead of security functions is also a key concern since a large number of constrained devices may take place in such applications. Our main focus in this thesis is group authentication and key management in IoT. The existing group authentication and key management protocols in the literature pe...
Analysis of Password Attacks From The Perspective Of The Attacker By Multiple Honeypots
Aydın, Kıvanç; Acartürk, Cengiz; Department of Cybersecurity (2021-8-19)
Authentication is vital for secure operation of ICT systems. Since the past several decades, alternative solutions have been developed for authentication, such as biometric authentication methods, aiming at replacing passwords. Nevertheless, their success has been limited as evidenced by intensive use of passwords. Today, an average user uses dozens of different passwords in daily practice. The frequent use of passwords in authentication also leads to a close interest of attackers due to rapid the expansion...
Quantum Key Distribution and Recent Advancements
Demir, Nazlı Ceren; Yayla, Oğuz; Department of Cryptography (2021-2-10)
Güvenli anahtar değişiminin sağlanması simetrik anahtar ile şifrelemede önemli bir konudur. Kuantum bilgisayarların geliştirilmesiyle günümüzde kullanımda olan sistemlerin güvenlik ihtiyacını karşılamayacağı değerlendirilmektedir. Bu doğrultuda öne çıkan önemli bir araştırma konusu kuantum anahtar değişimidir. Bu bitirme projesi, ilk kuantum anahtar değişimi protokolü olan BB84 Protokolünü ve kuantum anahtar paylaşımında son dönemde meydana gelen gelişmeleri ele almaktadır.
Server notarıes: a complementary approach to the web PKI TRUST model
Yüce, Emre; Doğanaksoy, Ali; Selçuk, Ali Aydın; Department of Cryptography (2016)
SSL/TLS is the de facto protocol for providing secure communication over the Internet. It relies on the Web PKI model for authentication and secure key exchange. Despite its relatively successful past, the number of Web PKI incidents observed have increased recently. These incidents revealed the risks of forged certificates issued by certificateauthoritieswithouttheconsentofthedomainowners. Severalsolutionshave beenproposedtosolvethisproblem,butnosolutionhasyetreceivedwidespreadadaption due to complexity and ...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
M. Tonga, “On password-based authenticated key exchange (PAKE) protocols.,” Thesis (M.S.) -- Graduate School of Applied Mathematics. Cryptography., Middle East Technical University, 2020.
