Anonymous Password Authenticated Key Exchange Protocol in the Standard Model.

Anonymous password authenticated key exchange (APAKE) allows a client holding a low-entropy password to establish a session key with a server in an authenticated and anonymous way. As a very convenient solution for personal privacy protection, it has attracted much attention in recent years. However, almost all existing APAKE protocols are designed in the random oracle model. In this paper, we propose the first password-only APAKE protocol (called APAKE- S) with proven security in the standard model, i.e., without random oracle heuristic. The resulting protocol guarantees AKE security, client anonymity and mutual authentication. Moreover, since the building blocks in our construction can be instantiated based on numerous hard assumptions (e.g., decisional Diffie-Hellman, Quadratic Residuosity, and N-residuosity assumptions), our APAKE- S protocol is actually a generic construction which implies a series of efficient APAKE protocols in the standard model. [ABSTRACT FROM AUTHOR]