|![[Search]](http://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](http://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](http://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](http://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](http://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Owl - an augmented password-authenticated key exchange protocol
Owl - an augmented password-authenticated key exchange protocolAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Hridoy Sankar Dutta. In this talk, I will first review three decades of research in the field of password-authenticated key exchange (PAKE). PAKE protocols can be categorized into two types: balanced and augmented schemes. I will share my experience of designing a balanced PAKE called J-PAKE in 2008 (joint work with Ryan). Today, J-PAKE has been deployed in many real-world applications, e.g., Google Nest, ARM Mbed, Amazon Fire stick and Thread products. Next, I will focus on augmented PAKE , which is a different challenge. Today, SRP -6a is the only augmented PAKE that has enjoyed wide use, e.g., in Apple’s iCloud, 1Password and Proton mail. Limitations of SRP -6a, such as heuristic security, a lack of efficiency (due to the mandated use of a safe prime) and a lack of support for elliptic curve implementations are well-known, but for the past 25 years, there seems to be no better alternative. In 2020, IETF chose OPAQUE as an augmented PAKE standard, but open issues leave it unclear whether OPAQUE will replace SRP -6a. Finally, I will present Owl, a new augmented PAKE (joint work with Bag, Chen and van Oorshot; see https://eprint.iacr.org/2023/768). Owl is obtained by efficiently adapting J-PAKE to an augmented setting. While J-PAKE is symmetric, Owl is asymmetric. Both protocols follow the same design principle but they are suitable for different applications. I will show that Owl is systematically better than SRP -6a in every aspect, including security computation, communication, message sizes and cryptographic agility. Owl is also free from several security and implementation issues faced by OPAQUE . https://cam-ac-uk.zoom.us/j/88950422934?pwd=WHJsSklROW90YVVxbndQYTlJTERIUT09 Meeting ID: 889 5042 2934 Passcode: 853480 RECORDING : Please note, this event will be recorded and will be available after the event for an indeterminate period under a CC BY -NC-ND license. Audience members should bear this in mind before joining the webinar or asking questions. NOTE : Please do not post URLs for the talk, and especially Zoom links to Twitter because automated systems will pick them up and disrupt our meeting. This talk is part of the Computer Laboratory Security Seminar series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsCentre for English Legal History seminars Ignite CAMSEDOther talksDead Code Removal at Meta: Automatically Deleting Millions of Lines of Code and Petabytes of Deprecated Data Identification of novel antibiotic resistance mechanisms in Klebsiella pneumoniae using machine learning Convergent evolution of CO2-fixing liquid-liquid phase separation TBA Contributed talk - TBC Earth Systems Palaeobiology: using climate models to better understand the habitats of marine animals through geologic time |
Feng Hao, University of Warwick
Tuesday 20 February 2024, 14:00-15:00