EC2C-PAKA: An efficient client-to-client password-authenticated key agreement

Most password-authenticated key agreement schemes described in the literature have focused on authenticated key agreement using a shared password between a client and a server. With rapid changes in the modern communication environment such as ad-hoc networks and ubiquitous computing, it is necessary to construct a secure end-to-end channel between clients. This paradigm is a quite different paradigm from the existing ones. In this paper, we study client-to-client passwordauthenticated key agreement (C2C-PAKA) enabling two clients in different realms to agree on a common session key using different passwords. Byun et al. first presented a C2C-PAKA protocol under the cross-realm setting. However, the scheme was not formally treated, and subsequently found to be flawed. In addition, in this scheme, there is still opportunity for improvements both in the computation and communication aspects. We provide formal treatments for the C2C-PAKA protocol by using Bellare et al.’s security model. We also suggest an efficient C2CPAKA protocol and prove that the protocol is secure under the decisional Diffie-Hellman assumption in the ideal cipher and random oracle models.