Abstract: Password-based authenticated key exchange (PAKE) protocols are cryptographic primitives which enable two entities, who only share a memorable password, to identify each other and to communicate over a public unreliable network with a secure session key. In this paper, we propose a simple, efficient and provably secure PAKE protocol based on Diffie-Hellman key exchange and cryptographic hash function. Our protocol is secure against dictionary attacks. Its security is proved based on the hardness of the computational Diffie-Hellman problem in the random oracle model. © Shanghai Jiaotong University and Springer-Verlag Berlin Heidelberg 2011.

Key words: Key exchange; Password authentication; Provable security