UK-SPS Seminar 29th Sept - An Overview of Password-authenticated Key Exchanges

Title: An Overview of Password-authenticated Key Exchange Protocols

Speaker: Feng Hao (Warwick)


Abstract: Password-authenticated key exchange (PAKE) is an interesting example that shows the magic of mathematics. It allows two remote users to establish a “high-entropy” key from a “low-entropy” shared secret without involving any trusted third party. Following Bellovin and Merritt’s 1992 Encrypted Key Exchange (EKE), many PAKE protocols have been proposed over the following 30 years. Today, some have been adopted in large-scale applications, e.g., secure messengers, Wi-Fi, iCloud, browser sync and Thread. On the other hand, designing a robust PAKE protocol has proved extremely delicate and error-prone. In this talk, I will provide a review of the three decades of research in this field, a summary of the state of the art, and a taxonomy to categorise existing protocols. A comparative analysis of protocol performance is provided, using representative examples from the taxonomy categories. Finally, I will review the recent IETF selection of PAKE protocols for standardisation and summarise lessons as well as open problems.

Bio: Feng Hao is a Professor of Security Engineering at the Department of Computer Science, University of Warwick. He received his PhD from the University of Cambridge in 2008. He had a total of 6 years of working experience in the security industry before starting his academic career in 2010, first as a lecturer, then as a reader in 2014 and a professor in 2018. With colleagues, he designed a range of cryptographic protocols, some of which have been standardised and used in practical applications. He held a 2014 ERC Starting Grant and an ERC Proof of Concept Grant.
