Password-Based Authenticated Key Exchange Based on Signcryption for the Internet of Things

Password-based Authenticated Key Exchange (PAKE) is an attractive solution for secure authentication and key agreement between two parties over insecure networks by using only a human-memorable password. Introduced by Bellovin, the approach has been receiving much attention from researchers and motivating many follow-up works. In this paper, we introduce a new paradigm of designing PAKE protocols using signcryption scheme. The proposed protocol, called Password-based Signcryption Key Exchange (PSKE), not only formally fulfills all security requirements but also is able to provide outstanding computational efficiency over some patented protocols, which target two-party setting such as EKE, J-PAKE, and SRP. These features make PSKE suitable for remote user authentication in the Internet of Things (IoT) context where remote users need to authenticate to IoT devices before securely retrieving real-time raw data at any time from these devices.