Password-Based Authenticated Key Exchange Based on Signcryption for the Internet of Things

Password-based Authenticated Key Exchange (PAKE) is an attractive solution for secure authentication and key agreement between two parties over insecure networks by using only a human-memorable password. Introduced by Bellovin, the approach has been receiving much attention from researchers and moti...

Full description

Saved in:
Bibliographic Details
Main Authors: Hoang, Van-Hoan, Lehtihet, Elyes, Ghamri-Doudane, Yacine
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Cryptography
encrypted key exchange
Internet of Things
Password
password-based authentication
Protocols
security proof
Servers
signcryption
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Password-based Authenticated Key Exchange (PAKE) is an attractive solution for secure authentication and key agreement between two parties over insecure networks by using only a human-memorable password. Introduced by Bellovin, the approach has been receiving much attention from researchers and motivating many follow-up works. In this paper, we introduce a new paradigm of designing PAKE protocols using signcryption scheme. The proposed protocol, called Password-based Signcryption Key Exchange (PSKE), not only formally fulfills all security requirements but also is able to provide outstanding computational efficiency over some patented protocols, which target two-party setting such as EKE, J-PAKE, and SRP. These features make PSKE suitable for remote user authentication in the Internet of Things (IoT) context where remote users need to authenticate to IoT devices before securely retrieving real-time raw data at any time from these devices.
ISSN:2156-972X
DOI:10.1109/WD.2019.8734196