BookRags.com Literature Guides Literature
Guides		 Criticism & Essays Criticism &
Essays		 Questions & Answers Questions &
Answers		 Lesson Plans Lesson
Plans		 My Bibliography Periodic Table U.S. Presidents Shakespeare Sonnet Shake-Up
Research Anything:        
History | Encyclopedias | Films | News | Create a Bibliography | More... Login | Register | Help
Not What You Meant?  There are 3 definitions for Speke.

SPEKE (cryptography)

 Print-Friendly
About 3 pages (796 words)

Bookmark and Share Questions on this topic? Just ask!

SPEKE (Simple Password Exponential Key Exchange) is a cryptographic method for password-authenticated key agreement.

Contents

Description

The protocol consists of little more than a Diffie-Hellman key exchange where the Diffie-Hellman generator g is created from a hash of the password. Here is one simple form of SPEKE:

  1. Alice and Bob agree to use an appropriately large and randomly selected safe prime p.
  2. Alice and Bob agree on a shared password π.
  3. Alice and Bob both construct g = hash(π)2 mod p. (Squaring makes g a generator of the prime order subgroup of the multiplicative group of integers modulo p.)
  4. Alice chooses a secret random integer a, then sends Bob ga mod p.
  5. Bob chooses a secret random integer b, then sends Alice gb mod p.
  6. Alice and Bob each abort if their received values are not in the range [2,p-2], to prevent small subgroup confinement attack.
  7. Alice computes K = (gb mod p)a mod p.
  8. Bob computes K = (ga mod p)b mod p.

Both Alice and Bob will arrived at the same value for K if and only if they use the same value for π. Once Alice and Bob compute the shared secret K they can use it in a key confirmation protocol to prove to each other that they know the same password π, and to derive a shared secret encryption key for sending secure and authenticated messages to each other. Unlike unauthenticated Diffie-Hellman, SPEKE prevents man in the middle attack by the incorporation of the password. An attacker who is able to read and modify all messages between Alice and Bob cannot learn the shared key K and cannot make more than one guess for the password in each interaction with a party that knows it. In general, SPEKE can use any prime order group that is suitable for public key cryptography, including elliptic curve cryptography.

History

SPEKE is one of the older and well-known protocols in the relatively new field of password-authenticated key exchange. It was first described by David Jablon in 1996 (1). In this publication Jablon also suggested a variant where in step 2 of the protocol g is calculated as g = gqS with a constant gq. However, this construction turned out to be insecure against dictionary attacks and was therefore not recommended anymore in a revised version of the paper. In 1997 (2) Jablon refined and enhanced SPEKE with additional variations, including an augmented password-authenticated key agreement method called B-SPEKE. Since 1997 no flaws have been published for SPEKE. A paper published by MacKenzie in 2001 (3) presents a proof in the random oracle model that SPEKE is a secure PAKE protocol (using a somewhat relaxed definition) based on a variation of the Decision Diffie-Hellman assumption. Since 1999, the protocol has been used by several companies in a variety of products, typically supplementing other cryptographic techniques.

Patents

U.S. Patent 6,226,383  describes several variations of the method.

Standards

Standards that describe SPEKE include IEEE P1363.2 and ISO/IEC Draft 11770-4.

References

  • D. Jablon. Strong Password-Only Authenticated Key Exchange. Computer Communication Review, ACM SIGCOMM, vol. 26, no. 5, pp. 5-26, October 1996 Author's link.
  • D. Jablon. Extended Password Key Exchange Protocols Immune to Dictionary Attacks. Proceedings of the Sixth Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET-ICE '97), IEEE Computer Society, June 18-20, 1997, Cambridge, MA, pp. 248-255. Author's link.
  • P. MacKenzie. On the Security of the SPEKE Password-Authenticated Key Exchange Protocol. Cryptology ePrint Archive: Report 2001/057.

See also

External links

Public-key cryptography
This box:     edit
Algorithms: CEILIDH | Cramer-Shoup | DH | DSA | ECDH | ECDSA | EKE | ElGamal encryption | ElGamal signature scheme | GMR | IES | Lamport | MQV | NTRUEncrypt | NTRUSign | Paillier | Rabin | RSA | Schnorr | SPEKE | SRP | XTR
Theory: Discrete logarithm | Elliptic curve cryptography | RSA problem
Standardization: ANS X9F1 | CRYPTREC | IEEE P1363 | NESSIE | NSA Suite B   Misc: Digital signature | Fingerprint | PKI | Web of trust | Key size
Cryptography
This box:     edit
History of cryptography | Cryptanalysis | Cryptography portal | Topics in cryptography
Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers

View More Summaries on SPEKE (cryptography)
 
View all | View only answered questions | View only unanswered questions
Ask any question on SPEKE (cryptography) and get it answered FAST!
Answer questions in BookRags Q&A and earn points toward
discounted or even FREE Study Guides and other BookRags products!
Learn more about BookRags Q&A
Copyrights
SPEKE (cryptography) from Wíkipedia. ©2006 by Wíkipedia. Licensed under the GNU Free Documentation License. View a list of authors or edit this article.

Article Navigation
Join BookRagslearn moreJoin BookRags
About BookRags | Customer Service | Report an Error | Terms of Use | Privacy Policy