A simple key agreement protocol

Abstract

We propose a simple key agreement protocol(SKA) that provides key establishment with authentication over an insecure channel using only a human memorable password. The SKA is based on Diffie-Hellman scheme and has many of desirable security attributes: it resists off-line dictionary attacks mounted by either passive or active adversaries over network, allowing low-entropy passwords to be used safely. It also offers perfect forward secrecy, which protects past sessions and passwords against future compromise. Besides, it is secure against an adversary who captured a host's password file. Since user passwords are stored in a verifier form, the adversary cannot use it directly to compromise security. The proposed scheme here shows that it is more efficient in computational time and communication overhead over the existing schemes.