Efficient Password-Based Authenticated Key Exchange Protocol in the UC Framework

In this paper, we propose a new password-based authenticated key exchange (PAKE) protocol and prove its security within the universal composability (UC) framework. The security proof of this protocol is based on standard number-theoretic assumptions, i.e., without random oracle or ideal cipher assumption. Comparisons show that, our protocol is more efficient than Canetti et al. 's protocol, which is the most efficient two party PAKE protocol proven secure in the UC framework and based on standard number-theoretic assumptions. More specifically, our protocol saves 1 round of communication and 5 modular exponentiations when the underlying cryptosystem is instantiated with Cramer-Shoup public key cryptosystem. Moreover, our protocol avoids the usage of the one-time signature, which saves the bandwidth for transmitting the message and saves the computation for signature and verification.