- This seminar has passed.
An Overview of Password-authenticated Key Exchange Protocols
29 September 2021 @ 3:00 pm - 4:00 pm
Password-authenticated key exchange (PAKE) is an interesting example that shows the magic of mathematics. It allows two remote users to establish a “high-entropy” key from a “low-entropy” shared secret without involving any trusted third party. Following Bellovin and Merrit’s 1992 Encrypted Key Exchange (EKE), many PAKE protocols have been proposed in the next 30 years. Today, some have been adopted in large-scale applications, e.g., secure messenger, Wi-Fi, iCloud, browser sync and Thread. On the other hand, designing a robust PAKE protocol has proved extremely delicate and error-prone. In this talk, I will provide a review of the three decades research in this field, a summary of the state-of-the-art, and a taxonomy to categorize existing protocols. A comparative analysis of protocol performance is provided, using representative examples from taxonomy categories. Finally, I will review the recent IETF selection of PAKE protocols for standardisation and summarise lessons as well as open problems.
Zoom meeting: https://newcastleuniversity.zoom.us/j/86537945147?pwd=ejRwUFRkemkvNGFjdWZydlo3RWhrdz09
Meeting ID: 865 3794 5147
Passcode: 351602
Youtube live streaming: https://youtu.be/ubiObUDGVng
Youtube VoD
Presenter
-
Feng Hao (Warwick University)Feng Hao is a Professor of Security Engineering at the Department of Computer Science, University of Warwick. He received his PhD from the University of Cambridge in 2008. He had a total of 6 years working experience in security industry before starting his academic career in 2010 first as a lecturer and then a reader in 2014 and a professor in 2018. With colleagues, he designed a range of cryptographic protocols, some of which have been standardized and used in practical applications. He held a 2014 ERC starting grant and an ERC Proof of concept grant.