A round- and computation-efficient three-party authenticated key exchange protocol

Journal of Systems and Software

Volumn 81, Issue 9, 2008, Pages 1581-1590

  Chen, Tzung Her ^a   Lee, Wei Bin ^b   Chen, Hsing Bai ^b  

^a NATIONAL CHIAYI UNIVERSITY   (Taiwan)

^b FENG CHIA UNIVERSITY   (Taiwan)

Author keywords

Authenticated key exchange; Authentication; Key agreement; Network security

Indexed keywords

ELECTRONIC COMMERCE;

AUTHENTICATED KEY EXCHANGE (AKE); AUTHENTICATED KEY EXCHANGE (AKE) PROTOCOL; KEY MANAGEMENT PROBLEM; LIGHT WEIGHTING; MOBILE E-COMMERCE (M-COMMERCE); QUICK RESPONSE; SERVER SIDE; SESSION KEYS;

PUBLIC KEY CRYPTOGRAPHY;

EID: 47549109760     PISSN: 01641212     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.jss.2007.11.720     Document Type: Article

References (21)

1. Bellovin, S.M., Merrit, M., 1992. Encrypted key exchanged: password-based protocols secure against dictionary attacks. In: Proceedings of IEEE Symposium on Research in Security and Privacy, pp. 72-84.
2. Bird R., Gopal I., Herzberg A., Janson P., Kutten S., Molva R., and Yung M. The KryptoKnight family of light-weight protocols for authentication and key distribution. IEEE/ACM Transactions on Networking 3 1 (1995) 31-41
3. Chang C.C., and Chang Y.F. A novel three-party encrypted key exchange protocol. Computer Standards and Interfaces 26 5 (2004) 472-476
4. Diffie W., and Hellman M. New directions in cryptography. IEEE Transactions on Information Theory 22 6 (1976) 644-654
5. Gong, L., 1995. Optimal authentication protocols resistant to password guessing attack. In: Proceedings of the 8th IEEE Computer Security Foundation Workshop, pp. 24-29.
6. Gong L., Lomas M., Needham R., and Saltzer J. Protecting poorly chosen secrets from guessing attacks. IEEE Journal on Selected Area in Communications 11 (1993) 648-656
7. Jaung W.S. Efficient three-party key exchange using smart cards. IEEE Transactions on Consumer Electronics 50 2 (2004) 619-624
8. Johnson D., Menezes A., and Vanstone S.A. The elliptic curve digital signature algorithm (ECDSA). International Journal of Information Security 1 1 (2001) 36-63
9. Lee T.F., Hwang T., and Lin C.L. Enhanced three-party encrypted key exchange without server public keys. Computer and Security 23 7 (2004) 571-577
10. Lee S.W., Kim H.S., and Yoo K.Y. Efficient verifier-based key agreement protocol for three parties without server's public key. Applied Mathematics and Computation 167 2 (2005) 996-1003
11. Lin C.L., Sun H.M., and Hwang T. Three-party encrypted key exchange: attacks and a solution. ACM Operating Systems Review 34 (2000) 12-20
12. Lin C.L., Sun H.M., Steiner M., and Hwang T. Three-party encrypted key exchange without server public-keys. IEEE Communications Letters 5 (2001) 497-499
13. Nam J., Kim S., and Won D. Attack on the Sun-Chen-Hwang's three-party key agreement protocols using passwords. IEICE Transactions on Fundamentals E89-A 1 (2006) 209-212
14. Nam J., Lee Y., Kim S., and Won D. Security weakness in a three-party pairing-based protocol for password authenticated key exchange. Information Sciences 177 6 (2007) 1364-1375
15. Neuman B.C., and Ts'o T. Kerberos: an authentication service for computer networks. IEEE Communication Magazine 32 9 (1994) 33-38
16. Schneier B. Applied Cryptography. second ed. (1996), John Wiley and Sons, New York
17. Schnorr C.P. Efficient identification and signatures for smart cards. CRYPTO'89 (1990), Springer-Verlag pp. 239-252
18. Steniner M., Tsudik G., and Waidner M. Refinement and extension of encrypted key exchange. ACM Operating Systems Review 29 (1995) 2-30
19. Sun H.M., Chen B.C., and Hwang T. Secure key agreement protocols for three-party against guessing attacks. The Journal of Systems and Software 75 (2005) 63-68
20. Wen H.A., Lee T.F., and Hwang T. Provably secure three-party password-based authenticated key exchange protocol using Weil pairing. IEE Proceedings of Communications 152 2 (2005) 138-143
21. Yeh H.T., Sun H.M., and Hwang T. Efficient three-party authentication and key agreement protocols resistant to password guessing attacks. International Journal of Information and System Engineering 19 6 (2003) 1059-1070