Next: Candidate One-Way Functions Based
Up: Back at Weizmann (1998-2003)
Previous: On Testing Expansion in
This work presents session-key generation protocols
in a model where the legitimate parties share only
a human-memorizable password.
The security guarantee holds with respect to probabilistic
polynomial-time adversaries that control the communication
channel (between the parties),
and may omit, insert and modify messages at their choice.
Loosely speaking, the effect of such an adversary
that attacks an execution of the protocol is comparable
to an attack in which an adversary is only allowed to make a
constant number of queries of the form ``is w
the password of Party A''.
Comments:
Authored by O. Goldreich and Y. Lindell. Appeared in
- Proceedings of Crypto01, pages 408-432.
Oded Goldreich
2003-07-30