Universally Composable Password-Based Key Exchange (NOT KNOWN IF TALK GIVEN)
01 January 2005
We put forward a definition of security for password-based key exchange within the framework of universal composability. In addition to providing security guarantees under arbitrary composition with other protocols, our definition directly models aspects of the problem that were not adequately addressed by most prior notions. Specifically, our definition does not assume any underlying probability distribution on passwords, nor does it assume independence between passwords chosen for use by different parties. We also formulate a definition of password-based secure channels, and show that this can be achieved (using standard techniques) given any protocol for password-based key exchange. We present a protocol securely realizing our definition of password-based key exchange in the common reference string model, based on some standard number-theoretic assumptions.