Abstract. In his talk, Michel Abdalla will consider the problem of designing authenticated key exchange protocols based on passwords, known as PAKE. These are protocols which allow users to establish cryptographically strong keys among themselves with the help of a weak secret, known as a password, which can be drawn from a small set of possible values. Since PAKE protocols rely on short and easily memorizable secrets, they also seem more convenient to use as they do not require additional cryptographic devices capable of storing cryptographically strong keys. After introducing PAKE, Michel Abdalla will review different security goals that one can consider for it as well as different ways of realizing these goals. In particular, Michel Abdalla will discuss the security of the four candidates recently considered for standardization in the balanced PAKE category by the Crypto Forum Research Group: SPEKE, SPAKE2, J-PAKE, and CPace. Finally, he will discuss some of the issues regarding the implementation of these protocols and future research directions.
Biograpgy. Michel Abdalla received the PhD degree in computer science from the University of California at San Diego, La Jolla, California. He is a senior staff researcher with the French National Center for Scientific Research, an adjunct professor in the Computer Science Department at École Normale Supérieure (ENS), and a member of the ENS cryptography team. He has served on the program committee of numerous international conferences, including Crypto and Eurocrypt, and was program chair for PKC 2018, SCN 2014, CANS 2013, PAIRING 2012, LATINCRYPT 2010, and ACNS 2009. Currently, he is the President of the International Association for Cryptologic Research and serves on the editorial boards of ETRI Journal and on the steering committees of LATINCRYPT. His present research focuses on the design of efficient and provably secure cryptographic protocols.