An off-line dictionary attack on a simple three-party key exchange protocol

IEEE Communications Letters

Volumn 13, Issue 3, 2009, Pages 205-207

  Nam, Junghyun ^a   Paik, Juryon ^b   Kang, Hyun Kyu ^a   Kim, Ung Mo ^b   Won, Dongho ^b  

^a Konkuk University   (South Korea)

^b Sungkyunkwan University   (South Korea)

Author keywords

Dictionary attack; Key exchange protocol; Password; Secure communication

Indexed keywords

LUTETIUM;

DICTIONARY ATTACK; IN BUILDINGS; KEY EXCHANGE PROTOCOL; OFF-LINE DICTIONARY ATTACKS; PASSWORD; PASSWORD SECURITIES; PASSWORD-AUTHENTICATED KEY EXCHANGES; PUBLIC NETWORKS; SECRET KEYS; SECURE COMMUNICATION; SECURITY VULNERABILITIES; SESSION KEYS; THREE PARTIES;

COMPUTER CRIME;

EID: 63649090970     PISSN: 10897798     EISSN: None     Source Type: Journal    
DOI: 10.1109/LCOMM.2009.081609     Document Type: Article

References (14)

1. M. Abdalla, P.-A. Fouque, and D. Pointcheval, "Password-based authenticated key exchange in the three-party setting," in Proc. PKC '05, LNCS vol. 3386, pp. 65-84, 2005.
2. M. Abdalla and D. Pointcheval, "Interactive Diffie-Hellman assumptions with applications to password-based authentication," in Proc. FC '05 LNCS vol. 3570, pp. 341-356, 2005.
3. M. Abdalla and D. Pointcheval, "Simple password-based encrypted key exchange protocols," in Proc. CT-RSA '05, LNCS vol. 3376, pp. 191-208, 2005.
4. M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks," in Proc. EUROCRYPT '00, LNCS vol. 1807, pp. 139-155, 2000.
5. S. M. Bellovin and M. Merritt, "Encrypted key exchange: Password-based protocols secure against dictionary attacks," in Proc. 1992 IEEE Symposium on Research in Security and Privacy, pp. 72-84, 1992.
6. V. Boyko, P. MacKenzie, and S. Patel, "Provably secure password-authenticated key exchange using Diffie-Hellman," in Proc. EUROCRYPT '00, LNCS vol. 1807, pp. 156-171, 2000.
7. H.-R. Chung and W.-C. Ku, "Three weaknesses in a simple three-party key exchange protocol," Inform. Sciences, vol. 178, no. 1, pp. 220-229, 2008.
8. H. Guo, Z. Li, Y. Mu, and X. Zhang, "Cryptanalysis of simple three-party key exchange protocol," Computers & Security, vol. 27, no. 1, pp. 16-21, 2008.
9. J. Katz, R. Ostrovsky, and M. Yung, "Efficient password-authenticated key exchange using human-memorable passwords," in Proc. EUROCRYPT '01, LNCS vol. 2045, pp. 475-494, 2001.
10. C.-L. Lin, H.-M. Sun, M. Steiner, and T. Hwang, "Three-party encrypted key exchange without server public-keys," IEEE Commun. Lett., vol. 5, no. 12, pp. 497-499, 2001.
11. R. Lu and Z. Cao, "Simple three-party key exchange protocol," Computers & Security, vol. 26, no. 1, pp. 94-97, 2007.
12. R. C.-W. Phan, W.-C. Yau, and B.-M. Goi, "Cryptanalysis of simple three-party key exchange protocol (S-3PAKE)," Inform. Sciences, vol. 178, no. 13, pp. 2849-2856, 2008.
13. J. Steiner, C. Newman, and J. Schiller, "Kerberos: An authentication service for open network systems," in Proc. 1998 USENIX Winter Conference, pp. 191-202, 1998.
14. M. Steiner, G. Tsudik, and M. Waidner, "Refinement and extension of encrypted key exchange," ACM SIGOPS Operating Systems Review, vol. 29, no. 3, pp. 22-30, 1995.