1 of 20

Lec 4: Game-Based Security Definition for PAKE (cont’d)

2 of 20

Recap

  •  

3 of 20

  •  

4 of 20

  •  

5 of 20

 

 

 

 

 

execute

reveal

send

reveal

reveal

 

 

send

reveal

 

 

send

reveal

test

5 attacked instances in total

CANNOT test this one

 

6 of 20

  •  

7 of 20

Today’s setting

  •  

8 of 20

Attempt 3.0

  •  

9 of 20

  •  

10 of 20

  •  

11 of 20

Attempt 3.1

  •  

12 of 20

  •  

13 of 20

More involved setting

  •  

14 of 20

Summary: Standard game-based PAKE definition [BPR00]

  •  

15 of 20

  •  

16 of 20

  •  

17 of 20

Homework problem 1

  • [AFP05] contains another game-based definition for PAKE. Read the relevant sections and describe the differences from the standard one in your own words. (I have no idea what’s going on in the irrelevant sections, but if you want to read the entire paper for fun, then sure.)
  • Your answer should be in the following form: “The definition in [AFP05] is the same as the standard one in [BPR00], except that: (1) …; (2) …”
    • Do not repeat what’s unchanged from [BPR00]
    • But describe all points where the 2 definitions differ

18 of 20

Homework problem 2

  •  

19 of 20

  • Submit a paper copy of your solution in class on 02/06 (Thu)

20 of 20

References

  • [BPR00] Mihir Bellare, David Pointcheval, and Phillip Rogaway. Authenticated Key Exchange Secure Against Dictionary Attacks. In EUROCRYPT 2000.
  • [AFP05] Michel Abdalla, Pierre-Alain Fouque, and David Pointcheval. Password-Based Authenticated Key Exchange in the Three-Party Setting. In PKC 2005.