Entry Chen:2014:CDP from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Chen:2014:CDP,
  author =       "Liqun Chen and Hoon Wei Lim and Guomin Yang",
  title =        "Cross-Domain Password-Based Authenticated Key Exchange
                 Revisited",
  journal =      j-TISSEC,
  volume =       "16",
  number =       "4",
  pages =        "15:1--15:??",
  month =        apr,
  year =         "2014",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2584681",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Mon May 5 18:00:10 MDT 2014",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "We revisit the problem of secure cross-domain
                 communication between two users belonging to different
                 security domains within an open and distributed
                 environment. Existing approaches presuppose that either
                 the users are in possession of public key certificates
                 issued by a trusted certificate authority (CA), or the
                 associated domain authentication servers share a
                 long-term secret key. In this article, we propose a
                 generic framework for designing four-party
                 password-based authenticated key exchange (4PAKE)
                 protocols. Our framework takes a different approach
                 from previous work. The users are not required to have
                 public key certificates, but they simply reuse their
                 login passwords, which they share with their respective
                 domain authentication servers. On the other hand, the
                 authentication servers, assumed to be part of a
                 standard PKI, act as ephemeral CAs that certify some
                 key materials that the users can subsequently use to
                 exchange and agree on as a session key. Moreover, we
                 adopt a compositional approach. That is, by treating
                 any secure two-party password-based key exchange
                 (2PAKE) protocol and two-party
                 asymmetric-key/symmetric-key-based key exchange
                 (2A/SAKE) protocol as black boxes, we combine them to
                 obtain generic and provably secure 4PAKE protocols.",
  acknowledgement = ack-nhfb,
  articleno =    "15",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries