A Two-Round, Ideally Secure, Strong Asymmetric PAKE
Abstract
Strong Asymmetric Password-Authenticated Key Exchange (saPAKE) enables a client, holding only a low-entropy password, to repeatedly establish shared high-entropy session keys with a server, holding a digest of that password. Ideally, an adversary is limited to impersonation attempts, online dictionary attacks, and, in the event of a leaked digest, a brute-force attack that does not admit precomputation. In this talk, I will present our novel saPAKE protocol, which is the first to simultaneously achieve the ideal security, as described, in a single round trip without generic algebraic models. We instantiate our saPAKE from an oblivious pseudorandom function (OPRF); I will also present our novel Dodis-Yampolskiy-based OPRF, the first online-extractable and input-committing UC-secure OPRF.
Kelsey Melissaris is a cryptographer. She received her PhD from the City University of New York, and wrote her thesis on authenticated key exchange. Most recently, she was a postdoctoral fellow at Aarhus University’s Cryptography and Security Group, researching threshold cryptography and digital signatures.