An Efficient and Provably Secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement Protocol with Smart Cards

Cross-realm client-to-client password-authenticated key agreement (C2C-PAKA) protocols provide an authenticated key exchange between two clients of different realms, who only share their passwords with their own servers. Recently, several such cross-realm C2C-PAKA protocols have been suggested in the private-key (symmetric) setting, but all of these protocols are found to be vulnerable to password-compromise impersonation attacks. In this paper, we propose our innovative C2C- PAKA-SC protocol in which smart cards are first utilized in the cross-realm setting so that it can resist all types of common attacks including password-compromise impersonation attacks and provide improved efficiency. Moveover, we modify the original formal security model to adapt our proposed protocol and present a corresponding security proof.