Password Authenticated Key Exchange for Resource-Constrained Wireless Communications (Extended Abstract)

With the advancement of wireless technology and the increasing demand for resource-constrained mobile devices, secure and efficient password authenticated key exchange (PAKE) protocols are needed for various kinds of secure communications among low-power wireless devices. In this paper, we introduce an elliptic curve based password-keyed permutation family and use it to construct a PAKE in such a way that it is suitable for efficient implementation on low-power devices. The computation time on each side of our PAKE is estimated to be about 3.4 seconds and can be reduced to 1.5 seconds with precomputation on an embedded device with a low-end 16MHz DragonBall-EZ microprocessor. The protocol can also be extended to an augmented version. On its security, we show that the password-keyed permutation family is secure against offline dictionary attack under the assumption that the elliptic curve computational Diffie-Hellman problem is intractable.