@techreport{oai:ipsj.ixsq.nii.ac.jp:00044424, author = {辛星漢 and 古原和邦 and 今井, 秀樹 and Seong, HanSHIN and Kazukuni, KOBARA and Hideki, IMAI}, issue = {71(2007-CSEC-038)}, month = {Jul}, note = {An anonymous password-authenticated key exchange (PAKE) protocol is designed to provide both user's password-based authentication and anonymity against a semi-honest server. However the computation and communication costs of the previous construction grow linearly with the number of users. In this paper we propose two efficient anonymous PAKE (called MEAP and VEAP) protocols which provide unconditional anonymity of the involved user. If the pre-computation is allowed the overall computation cost of the MEAP protocol is independent of the number of users. We also show how the VEAP protocol works where the overall computation and communication costs are completely independent of the number of users. In the VEAP protocol user (resp. server) needs only 2 (resp. 3) on-line modular exponentiations. The security of both protocols is based on the CT-CDH (Chosen Target CDH) problem in the random oracle model., An anonymous password-authenticated key exchange (PAKE) protocol is designed to provide both user's password-based authentication and anonymity against a semi-honest server. However, the computation and communication costs of the previous construction grow linearly with the number of users. In this paper, we propose two efficient anonymous PAKE (called, MEAP and VEAP) protocols which provide unconditional anonymity of the involved user. If the pre-computation is allowed, the overall computation cost of the MEAP protocol is independent of the number of users. We also show how the VEAP protocol works where the overall computation and communication costs are completely independent of the number of users. In the VEAP protocol, user (resp., server) needs only 2 (resp., 3) on-line modular exponentiations. The security of both protocols is based on the CT-CDH (Chosen Target CDH) problem in the random oracle model.}, title = {On Anonymous Password-Authenticated Key Exchange}, year = {2007} }