Human Computing for Handling Strong Corruptions in Authenticated Key Exchange

Abstract

Ph.D. Student Shan Chen presents user authentication and key exchange protocols that can tolerate strong corruptions on the client-side. He will define the security model for Human Authenticated Key Exchange (HAKE) protocols and propose two generic protocols based on human-compatible (HC) functions, password-authenticated key exchange (PAKE), commitment, and authenticated encryption. Chen will prove that HAKE protocols can remain secure under reasonable assumptions and will discuss efficient instantiations. He'll also propose a variant where users get help from a small device such as RSA SecurID. This allows implementation of an HC function with stronger security and weakens required assumptions on the PAKE. Overall, this leads to the very efficient HAKE, which can withstand strong corruptions.