Credential authenticated identification and key exchange

Jan Camenisch, Nathalie Casati, Thomas Gross, Victor Shoup

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

This paper initiates a study of two-party identification and key-exchange protocols in which users authenticate themselves by proving possession of credentials satisfying arbitrary policies, instead of using the more traditional mechanism of a public-key infrastructure. Definitions in the universal composability framework are given, and practical protocols satisfying these definitions, for policies of practical interest, are presented. All protocols are analyzed in the common reference string model, assuming adaptive corruptions with erasures, and no random oracles. The new security notion includes password-authenticated key exchange as a special case, and new, practical protocols for this problem are presented as well, including the first such protocol that provides resilience against server compromise (without random oracles).

Original languageEnglish (US)
Title of host publicationAdvances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings
Pages255-276
Number of pages22
Volume6223 LNCS
DOIs
StatePublished - 2010
Event30th Annual International Cryptology Conference, CRYPTO 2010 - Santa Barbara, CA, United States
Duration: Aug 15 2010Aug 19 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6223 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other30th Annual International Cryptology Conference, CRYPTO 2010
CountryUnited States
CitySanta Barbara, CA
Period8/15/108/19/10

Fingerprint

Key Exchange
Network protocols
Random Oracle
Universal Composability
Public Key Infrastructure
Authenticated Key Exchange
Password
Resilience
Servers
Server
Strings
Arbitrary

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Camenisch, J., Casati, N., Gross, T., & Shoup, V. (2010). Credential authenticated identification and key exchange. In Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings (Vol. 6223 LNCS, pp. 255-276). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6223 LNCS). https://doi.org/10.1007/978-3-642-14623-7_14

Credential authenticated identification and key exchange. / Camenisch, Jan; Casati, Nathalie; Gross, Thomas; Shoup, Victor.

Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. Vol. 6223 LNCS 2010. p. 255-276 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6223 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Camenisch, J, Casati, N, Gross, T & Shoup, V 2010, Credential authenticated identification and key exchange. in Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. vol. 6223 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6223 LNCS, pp. 255-276, 30th Annual International Cryptology Conference, CRYPTO 2010, Santa Barbara, CA, United States, 8/15/10. https://doi.org/10.1007/978-3-642-14623-7_14
Camenisch J, Casati N, Gross T, Shoup V. Credential authenticated identification and key exchange. In Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. Vol. 6223 LNCS. 2010. p. 255-276. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-14623-7_14
Camenisch, Jan ; Casati, Nathalie ; Gross, Thomas ; Shoup, Victor. / Credential authenticated identification and key exchange. Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. Vol. 6223 LNCS 2010. pp. 255-276 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{e8f52bae3d3e4b3fbddfc527f8316531,
title = "Credential authenticated identification and key exchange",
abstract = "This paper initiates a study of two-party identification and key-exchange protocols in which users authenticate themselves by proving possession of credentials satisfying arbitrary policies, instead of using the more traditional mechanism of a public-key infrastructure. Definitions in the universal composability framework are given, and practical protocols satisfying these definitions, for policies of practical interest, are presented. All protocols are analyzed in the common reference string model, assuming adaptive corruptions with erasures, and no random oracles. The new security notion includes password-authenticated key exchange as a special case, and new, practical protocols for this problem are presented as well, including the first such protocol that provides resilience against server compromise (without random oracles).",
author = "Jan Camenisch and Nathalie Casati and Thomas Gross and Victor Shoup",
year = "2010",
doi = "10.1007/978-3-642-14623-7_14",
language = "English (US)",
isbn = "3642146228",
volume = "6223 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "255--276",
booktitle = "Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings",

}

TY - GEN

T1 - Credential authenticated identification and key exchange

AU - Camenisch, Jan

AU - Casati, Nathalie

AU - Gross, Thomas

AU - Shoup, Victor

PY - 2010

Y1 - 2010

N2 - This paper initiates a study of two-party identification and key-exchange protocols in which users authenticate themselves by proving possession of credentials satisfying arbitrary policies, instead of using the more traditional mechanism of a public-key infrastructure. Definitions in the universal composability framework are given, and practical protocols satisfying these definitions, for policies of practical interest, are presented. All protocols are analyzed in the common reference string model, assuming adaptive corruptions with erasures, and no random oracles. The new security notion includes password-authenticated key exchange as a special case, and new, practical protocols for this problem are presented as well, including the first such protocol that provides resilience against server compromise (without random oracles).

AB - This paper initiates a study of two-party identification and key-exchange protocols in which users authenticate themselves by proving possession of credentials satisfying arbitrary policies, instead of using the more traditional mechanism of a public-key infrastructure. Definitions in the universal composability framework are given, and practical protocols satisfying these definitions, for policies of practical interest, are presented. All protocols are analyzed in the common reference string model, assuming adaptive corruptions with erasures, and no random oracles. The new security notion includes password-authenticated key exchange as a special case, and new, practical protocols for this problem are presented as well, including the first such protocol that provides resilience against server compromise (without random oracles).

UR - http://www.scopus.com/inward/record.url?scp=77956987281&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77956987281&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-14623-7_14

DO - 10.1007/978-3-642-14623-7_14

M3 - Conference contribution

AN - SCOPUS:77956987281

SN - 3642146228

SN - 9783642146220

VL - 6223 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 255

EP - 276

BT - Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings

ER -