Cryptanalysis of a three-party password-based authenticated key exchange protocol

International Journal of Network Security

Volumn 16, Issue 5, 2014, Pages 393-396

  He, Debiao ^a,b   Zhang, Yuanyuan ^a   Chen, Jianhua ^a  

^a WUHAN UNIVERSITY   (China)

^b University of Chinese Academy of Sciences   (China)

Author keywords

Cryptanalysis; Guessing attack; Off line password; Password

Indexed keywords

CRYPTOGRAPHY;

AUTHENTICATED KEY EXCHANGE; AUTHENTICATED KEY EXCHANGE PROTOCOLS; CRYPTANALYSIS; GUESSING ATTACKS; OFF-LINE PASSWORD; OFFLINE PASSWORD GUESSING ATTACK; PASSWORD; SECURE COMMUNICATION CHANNELS;

AUTHENTICATION;

EID: 84902255257     PISSN: 1816353X     EISSN: 18163548     Source Type: Journal    
DOI: None     Document Type: Article

References (19)

1. M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks," in Proceedings of Eurocrypt'00, LNCS 1807, pp. 139-155, 2000.
2. S. M. Bellovin and M. Merritt. Encrypted key exchange: password-based protocols secure against dictionary attacks. In Proceedings of the 1992 IEEE symposium on research in security and privacy, pages 72-84, 1992.
3. V. Boyko, P. MacKenzie, and S. Patel. Provably secure password-authenticated key exchange using Diffie-Hellman. In Proceedings of the Eurocrypt '00, LNCS 1807, pages 156-171, 2000.
4. H. R. Chung and W. C. Ku. Three weaknesses in a simple three-party key exchange protocol. Information Science, 178(1): 220-229, 2008.
5. Y. F. Chang. A practical three-party key exchange protocol with round efficiency. International Journal of Innovative Computing, Information and Control, 4(4): 953-960, 2008.
6. Y. Ding and P. Horster. Undetectable on-line password guessing attacks. ACM Operating Systems Review, 29(4): 77-86, 1995.
7. H. Guo, Z. Li, Y. Mu, and X. Zhang. Cryptanalysis of simple three-party key exchange protocol. Computers and Security, 27(1-2): 16-21, 2008.
8. IEEE P1363.2: Password-Based Public-Key Cryptography. (http://grouper.ieee.org/groups/1363/passwdPK/)
9. S. Jiang and G. Gong. Password based key exchange with mutual authentication. In Proceedings of SAC '04, LNCS 3357, pages 267-279, 2005.
10. J. Katz, R. Ostrovsky, and M. Yung. Efficient password-authenticated key exchange using human-memorable passwords. In Proceedings of the Eurocrypt '01, LNCS 2045, pages 475-494, 2001.
11. C. L. Lin, H. M. Sun, and T. Hwang. Three party-encrypted key exchange: attacks and a solution. ACM Operating Systems Review, 34(4): 12-20, 2000.
12. N. W. Lo and K. H. Yeh. A practical three-party authenticated key exchange protocol. International Journal of Innovative Computing, Information and Control, 6(6): 2469-2483, 2010.
13. R. X. Lu and Z. F. Cao. Simple three-party key exchange protocol. Computers and Security, 26(1): 94-97, 2007.
14. T. F. Lee, T. Hwang, and C. L. Lin. Enhanced three-party encrypted key exchange without server public keys. Computers and Security, 23(7): 571-577, 2004.
15. J. Nam, Y. Lee, S. Kim, and D. Won. Security weakness in a three-party pairing-based protocol for password authenticated key exchange. Information Sciences, 177(6): 1364-1375, 2007.
16. C. W. Phan Raphael, W. C. Yau, and B. M. Goi. Cryptanalysis of simple three-party key exchange protocol (S-3PAKE). Information Science, 178(13): 2849-2856, 2008.
17. M. Steiner, G. Tsudik, and M. Waidner. Refinement and extension of encrypted key exchange. ACM Operating Systems Review, 29(2): 22-30, 1995.
18. H. A. Wen, T. F. Lee, and T. Hwang. Provably secure three-party password-based authenticated key exchange protocol using Weil pairing. IEE Proceedings-Communications, 152(2): 138-143, 2005.
19. M. Zhang. New approaches to password authenticated key exchange based on RSA. In Proceedings of the Asiacrypt'04, LNCS 3329, pages 230-244, 2004.