A practical three-party authenticated key exchange protocol

International Journal of Innovative Computing, Information and Control

Volumn 6, Issue 6, 2010, Pages 2468-2484

  Lo, Nai Wei ^a   Yeh, Kuo Hui ^a  

^a NATIONAL TAIWAN UNIVERSITY OF SCIENCE AND TECHNOLOGY   (Taiwan)

Author keywords

Authentication; Cryptanaly sis; Man in the middle attack; Password guessing attacks; Security; Three party key exchange protocol (3PAKE)

Indexed keywords

CRYPTANALY-SIS; MAN IN THE MIDDLE ATTACKS; PASSWORD GUESSING ATTACK; SECURITY; THREE-PARTY;

EFFICIENCY;

AUTHENTICATION;

EID: 80052537663     PISSN: 13494198     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (30)

1. S. M. Bellovin and M. Merritt, Encrypted key exchange: Password-based protocols secure against pass-word guessing attacks, Proc. of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp.72-84, 1992.
2. C. C. Chang and Y. F. Chang, A novel three-party encrypted key exchange protocol, Computer Standards and Interfaces, vol.26, no.5, pp.471-476, 2004.
3. T. H. Chen, W. B. Lee and H. B. Chen, A round- and computation- efficient three-party authenti-cated key exchange protocol, Journal of Systems and Software, vol.81, no.9, pp.1581-1590, 2008.
4. H. R. Chung and W. C. Ku, Three weaknesses in a simple three-party key exchange protocol, Information Science, vol.178, no.1, pp.220-229, 2008.
5. Y. Ding and P. Horster, Undetectable on-line password guessing attacks, ACM Operating Systems Review, vol.29, no.4, pp.77-86, 1995.
6. H. Guo, Z. Li, Y. Mu and X. Zhang, Cryptanalysis of simple three-party key exchange protocol, Computers and Security, vol.27, no.1-2, pp.16-21, 2008.
7. L. Law, A. Menezes, M. Qu, J. Solinas and S. Vanstone, An efficient protocol for authenticated key agreement, Designs, Codes and Cryptography, vol.28, no.2, pp.119-134, 2003.
8. T. F. Lee, T. Hwang and C. L. Lin, Enhanced three-party encrypted key exchange without server public keys, Computers and Security, vol.23, no.7, pp.571-577, 2004.
9. S. W. Lee, H. S. Kim and K. Y. Yoo. Efficient verifier-based key agreement protocol for three parties without server's public key, Applied Mathematics and Computation, vol.167, no.2, pp.996-1003, 2005.
10. C. L. Lin, H. M. Sun and T. Hwang, Three party-encrypted key exchange: attacks and a solution, ACM Operating Systems Review, vol.34, no.4, pp.12-20, 2000.
11. C. L. Lin, H. M. Sun, M. Steiner and T. Hwang, Three-party encrypted key exchange without server pub-lic-keys, IEEE Communication Letters, vol.5, no.12, pp.497-499, 2001.
12. R. X. Lu and Z. F. Cao, Simple three-party key exchange protocol, Computers and Security, vol.26, no.1, pp.94-97, 2007.
13. J. Nam, Y. Lee, S. Kim and D. Won, Security weakness in a three-party pairing-based protocol for password authenticated key exchange, Information Sciences, vol.177, no.6, pp.1364-1375, 2007.
14. C. W. Phan Raphael and W. C. Yau and B. M. Goi, Cryptanalysis of simple three-party key exchange protocol (S-3PAKE), Information Science, vol.178, no.13, pp.2849-2856, 2008.
15. M. Steiner, G. Tsudik and M. Waidner, Refinement and extension of encrypted key exchange, ACM Operating Systems Review, vol.29, no.3, pp.22-30, 1995.
16. H. M. Sun, B. C. Chen and T. Hwang, Secure key agreement protocols for three-party against guessing attacks, Journal of Systems and Software, vol.75, no.1-2, pp.63-68, 2005.
17. H. A. Wen, T. F. Lee and T. Hwang, Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, IEE Proceedings-Communications, vol.152, no.2, pp.138-143, 2005.
18. S. Blake-Wilson and A. Menezes, Authenticated Diffie-Hellman key agreement protocols, Proc. Of the 5th Annual Workshop on Selected Areas in Cryptography, pp.339-361, 1998.
19. Y. F. Chang, A practical three-party key exchange protocol with round efficiency, International Journal of Innovative Computing, Information and Control, vol.4, no.4, pp.953-960, 2008.
20. Y. Sawada, and T. Sako, Collision detection and estimation of its spot for a flexible beam using ratio of mode functions, International Journal of Innovative Computing, Information and Control, vol.2, no.5, pp.1027-1038, 2005.
21. H. Chu, K. Tsai and W. Chang, Fuzzy control of active queue management routers for transmission con-trol protocol networks via time-delay affine Takagi-Sugeno fuzzy models, International Journal of Innovative Computing, Information and Control, vol.4, no.2, pp.291-312, 2008.
22. H. F. Huang and W. C. Wei, A new efficient and complete remote user authentication protocol with smart card, International Journal of Innovative Computing, Information and Control, vol.4, no.11, pp.2803-2808, 2008.
23. L. Mi and F. Takeda, Analysis of the robustness of the pressure-based individual identification system based on neural networks, International Journal of Innovative Computing, Information and Control, vol.3, no.1, pp.97-110, 2007.
24. Z. Zhang, B. Fang, M. Hu and H. Zhang, Security analysis of session initiation protocol, International Journal of Innovative Computing, Information and Control, vol.3, no.2, pp.457-469, 2007.
25. J. S. Lee, Y. F. Chang and C. C. Chang, Secure authentication protocols for mobile commerce transactions, International Journal of Innovative Computing, Information and Control, vol.4, no.9, pp.2305-2314, 2008.
26. J. S. Lee, Y. F. Chang and C. C. Chang, A novel authentication protocol for multi-server architecture without smart cards, International Journal of Innovative Computing, Information and Control, vol.4, no.6, pp.1357-1364, 2008.
27. B. C. Neuman and T. Ts'o', Kerberos: An authentication service for computer networks, IEEE Communications Magazine, vol.32, no.9, pp.33-38, 1994.
28. R. Molva, G. Tsudik, E. van Herreweghen and S. Zatti, KryptoKnight authentication and key distribu-tion system, Proc. of the 1992 European Symposium on Research in Computer Security - ESORICS, Toulouse, France, pp.1-16, 1992.
29. IEEE P1363.2/D15, Standard Specifications for Password-based Public Key Cryptographic Technologies, 2004.
30. ISO/IEC FCD 11770-4, Information Technology - Security Techniques - Key Management - Part 4: Mechanism Based on Weak Secrets, Information Organization for Standardization, 2006.