Cross-Domain Password-Based Authenticated Key Exchange Revisited
- Submitting institution
-
The University of Surrey
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 9023586_4
- Type
- D - Journal article
- DOI
-
10.1145/2584681
- Title of journal
- ACM Transactions on Information and System Security
- Article number
- -
- First page
- 1
- Volume
- 16
- Issue
- 4
- ISSN
- 1094-9224
- Open access status
- Out of scope for open access requirements
- Month of publication
- -
- Year of publication
- 2014
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
-
- Research group(s)
-
-
- Citation count
- 0
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- Password-based secure cross-domain communication enables a user from one domain to securely communicate with another user from a different domain through their respective domain servers. Designing a secure 4-party password-based authenticated key exchange (4PAKE) protocol is difficult and attempts by ISO/IEC, over many years, to develop a standard stalled because no reliable protocol was available. This paper proposed a first generic 4PAKE framework and demonstrated that combining two-party password-based and two-party asymmetric-key/symmetric-key based key exchange protocols can provide provably secure 4PAKE protocols. This new protocol has been adopted by ISO/IEC and included in ISO/IEC DIS 11770-7.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -