Hello, Sorry for potentially spamming your email reflector. I'm an embedded wireless programmer in need of a very simple Password Authenticated Key Exchange(PAKE). I believe I have created something similar to SPEKE but that works considerable better over elliptic curves. I would like some help proving that it is secure.
Set up The Protocol begins with an elliptic curve over F2m with parameters T = (m, f(x), a, b, G, n, h) and G2 as second generator of that group such that v, where vG = G2 is unknown. Also given P an arbitrary element of the group generated by G and aP finding a is hard. The curves 163k1 and 283k1 are such curves with these properties. T and G2 are fixed and known by all implementers of the algorithm. Convention: Capitals will be points on the curve and lower case letters will be integers. Algorithm 1. Let Alice and Bob have a shared password s, s is a "smallish" non-negative integer. 2. Both Alice and Bob choose a number between 1 and n-2. Let these numbers be a and b. Alice sends the point P1=aG + sG2 to Bob and Bob sends the point P2 = bG+ sG2 to Alice. 3a. Alice verifies P2 is a generator of the group and then computes a(P2 - sG2) = a(bG+ sG2 - sG2) = abG 3b. Bob verifies P1 is a generator of the group and then computes b(P1 - sG2) = b(aG+ sG2 - sG2) = abG 4. Alice and Bob verify that they both know the new shared secret abG. If Alice and Bob fail to agree on the new shared secret, abG, they know something has gone wrong. .................. Jonathan Cressman Firmware Developer [cid:[email protected]] Energate Inc. 2379 Holly Lane, Suite 200, Ottawa, Ontario, Canada K1V 7P2 T: 613-482-7928 x226 F: 613-288-0816 http://www.energateinc.com<http://www.energate.ca/>
_______________________________________________ Curves mailing list [email protected] https://moderncrypto.org/mailman/listinfo/curves
