Deakin University

File(s) under permanent embargo

A variant of password authenticated key exchange protocol

Version 2 2024-06-06, 00:16
Version 1 2017-07-26, 15:38
journal contribution
posted on 2024-06-06, 00:16 authored by Y Zhang, Y Xiang, W Wu, A Alelaiwi
Password authenticated key exchange (PAKE) protocols are designed for a pair of users to establish a secret session key over a public and unreliable network. In existing PAKE protocols, it is assumed that short passwords are pre-shared between users. This assumption, however, would be impractical in certain applications. For instance, in the Internet of Things and Fog computing, billions of devices will be wirelessly connected. In practice, the devices are produced by different factories, and it is not practical to assume that these devices are pre-loaded with passwords when they leave factories. As a result, existing PAKE protocols cannot be directly employed in these applications. Moreover, it is investigated that devices can extract secrets using the wireless fading channel. However, the key extraction rate at the physical layer is slow. Motivated by these observations, this paper presents a variant of password authenticated key exchange (vPAKE) protocol without the password sharing assumption. To obtain the passwords, wireless devices, such as mobile phones, tablets, and laptops, are used to extract short secrets at the physical layer. Using the extracted secrets, users can establish a secret key at higher layers. The performance analysis shows that comparing with other PAKE protocols (which are proved secure in the standard model), the communication and computation consumptions of our protocol are significantly reduced. Additionally, the proposed protocol is proved secure in the standard model.



Future Generation Computer Systems




Part 2




Amsterdam, The Netherlands





Publication classification

C Journal article, C1 Refereed article in a scholarly journal

Copyright notice

2017, Elsevier B.V.


Elsevier BV