Password-only authenticated three-party key exchange proven secure against insider dictionary attacks

Scientific World Journal

Volumn 2014, Issue , 2014, Pages

  Nam, Junghyun ^a   Choo, Kim Kwang Raymond ^b   Paik, Juryon ^c   Won, Dongho ^c  

^a Konkuk University   (South Korea)

^b UNIVERSITY OF SOUTH AUSTRALIA   (Australia)

^c Sungkyunkwan University   (South Korea)

Author keywords

[No Author keywords available]

Indexed keywords

ARTICLE; BOOK; COMPUTER SECURITY; INFORMATION STORAGE; INTERNET PROTOCOL; ONLINE SYSTEM; PASSWORD ONLY AUTHENTICATED THREE PARTY KEY EXCHANGE; ALGORITHM; COMPUTER NETWORK; HUMAN; INTERNET; WIRELESS COMMUNICATION;

ALGORITHMS; COMPUTER COMMUNICATION NETWORKS; COMPUTER SECURITY; HUMANS; INTERNET; WIRELESS TECHNOLOGY;

EID: 84929941120     PISSN: 23566140     EISSN: 1537744X     Source Type: Journal    
DOI: 10.1155/2014/802359     Document Type: Article

References (38)

1. W. Wang and L. Hu, "Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols, " in Progress in Cryptology-INDOCRYPT 2006, vol. 4329 of Lecture Notes in Computer Science, pp. 118-132, Springer, Berlin, Germany, 2006.
2. H. Guo, Z. Li, Y. Mu, and X. Zhang, "Cryptanalysis of simple three-party key exchange protocol, " Computers and Security, vol. 27, no. 1-2, pp. 16-21, 2008.
3. J. Nam, J. Paik, H. Kang, U. M. Kim, and D. Won, "An offline dictionary attack on a simple three-party key exchange protocol, " IEEE Communications Letters, vol. 13, no. 3, pp. 205-207, 2009.
4. E. Yoon and K. Yoo, "Cryptanalysis of a simple three-party password-based key exchange protocol, " International Journal of Communication Systems, vol. 24, no. 4, pp. 532-542, 2011.
5. J. Nam, K. K. R. Choo, M. Kim, J. Paik, and D. Won, "Dictionary attacks against password-based authenticated three-party key exchange protocols, " KSII Transactions on Internet and Information Systems, vol. 7, no. 12, pp. 3244-3260, 2013.
6. J. Nam, K. K. R. Choo, M. Park, J. Paik, and D. Won, "On the security of a simple three-party key exchange protocol without servers public keys, " The Scientific World Journal, vol. 2014, Article ID 479534, 7 pages, 2014.
7. M. Bellare and P. Rogaway, "Entity authentication and key distribution, " in Proceedings of the Advances in Cryptology (CRYPTO 93), vol. 773 of Lecture Notes in Computer Science, pp. 232-249, Springer, Berlin, Germany.
8. M. Abdalla, P. Fouque, and D. Pointcheval, "Password-based authenticated key exchange in the three-party setting, " in Public Key Cryptography, vol. 3386 of Lecture Notes in Computer Science, pp. 65-84, Springer, Berlin, Germany, 2005.
9. M. Abdalla, P. Fouque, and D. Pointcheval, "Password-based authenticated key exchange in the three-party setting, " IEE Proceedings-Information Security, vol. 153, no. 1, pp. 27-39, 2006.
10. M. Abdalla and D. Pointcheval, "Interactive diffie-hellman assumptions with applications to password-based authentication, " in Proceedings of the 9th International Conference on Financial Cryptography and Data Security (FC 05), pp. 341-356, Springer, Berlin, Germany, March 2005.
11. H. Wen, T. Lee, and T. Hwang, "Provably secure three-party password-based authenticated key exchange protocol using Weil pairing, " IEE Proceedings-Communications, vol. 152, no. 2, pp. 138-143, 2005.
12. E. Dongna, Q. Cheng, and C. Ma, "Password authenticated key exchange based on RSA in the three-party settings, " in Provable Security, vol. 5848of LectureNotes in Computer Science, pp. 168-182, Springer, Berlin, Germany, 2009.
13. T. Lee and T. Hwang, "Simple password-based three-party authenticated key exchange without server public keys, " Information Sciences, vol. 180, no. 9, pp. 1702-1714, 2010.
14. W. Wang, L. Hu, and Y. Li, "How to construct secure and efficient three-party password-based authenticated key exchange protocols, " in Information Security and Cryptology, vol. 6584 of LectureNotes in Computer Science, pp. 218-235, Springer, Berlin, Germany, 2011.
15. C. LinandT. Hwang, "On"a simple three-partypassword-based key exchange protocol", " International Journal of Communication Systems, vol. 24, no. 11, pp. 1520-1532, 2011.
16. S. Wu, Q. Pu, S. Wang, and D. He, "Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol, " Information Sciences, vol. 215, pp. 83-96, 2012.
17. J. Nam, K. K. R. Choo, J. Kim, H. Kang, J. Paik, and D. Won, "Password-only authenticated three-party key exchange with provable security in the standard model, " The Scientific World Journal, vol. 2014, Article ID 825072, 11 pages, 2014.
18. J. Nam, Y. Lee, S. Kim, and D. Won, "Security weakness in a three-party pairing-based protocol for password authenticated key exchange, " Information Sciences, vol. 177, no. 6, pp. 1364-1375, 2007.
19. K. Yoneyama, "Efficient and strongly secure passwordbased server aided key exchange, " in Progress in Cryptology (INDOCRYPT 08), vol. 5365 of Lecture Notes in Computer Science, pp. 172-184, Springer, Berlin, Germany, 2008.
20. J. Zhao and D. Gu, "Provably secure three-party passwordbased authenticated key exchange protocol, " Information Sciences, vol. 184, no. 1, pp. 310-323, 2012.
21. C. Lin, H. Sun, and T. Hwang, "Three-party encrypted key exchange: attacks and a solution, " ACM SIGOPS Operating Systems Review, vol. 34, no. 4, pp. 12-20, 2000.
22. H. Chien and T. Wu, "Provably secure password-based threeparty key exchange with optimal message steps, " The Computer Journal, vol. 52, no. 6, pp. 646-655, 2009.
23. N. W. Lo and K. Yeh, "Cryptanalysis of two three-party encrypted key exchange protocols, " Computer Standards and Interfaces, vol. 31, no. 6, pp. 1167-1174, 2009.
24. D. Lou and H. Huang, "Efficient three-party password-based key exchange scheme, " International Journal of Communication Systems, vol. 24, no. 4, pp. 504-512, 2011.
25. J. Yang and T. Cao, "Provably secure three-party password authenticated key exchange protocol in the standard model, " Journal of Systems and Software, vol. 85, no. 2, pp. 340-350, 2012.
26. S. Wu, K. Chen, Q. Pu, and Y. Zhu, "Cryptanalysis and enhancements of efficient three-party password-based key exchange scheme, " International Journal of Communication Systems, vol. 26, no. 5, pp. 674-686, 2013.
27. H. Tsai and C. Chang, "Provably secure three party encrypted key exchange scheme with explicit authentication, " Information Sciences, vol. 238, pp. 242-249, 2013.
28. M. Bellare, D. Pointcheval, and P. Rogaway, "Authenticated key exchange secure against dictionary attacks, " in Advances in Cryptology-EUROCRYPT 2000, vol. 1807 of Lecture Notes in Computer Science, pp. 139-155, Springer, Berlin, Germany, 2000.
29. J. Katz, R. Ostrovsky, and M. Yung, "Efficient passwordauthenticated key exchange using human-memorable passwords, " in Advances in Cryptology-EUROCRYPT 2001, vol. 2045 of Lecture Notes in Computer Science, pp. 475-494, Springer, Berlin, Germany, 2001.
30. J. Katz, R. Ostrovsky, and M. Yung, "Efficient and secure authenticated key exchange using weak passwords, " Journal of the ACM, vol. 57, no. 1, article 3, 39 pages, 2010.
31. R. Gennaro and Y. Lindell, "A framework for passwordbased authenticated key exchange, " in Advances in Cryptology-EUROCRYPT 2003, vol. 2656 of Lecture Notes in Computer Science, pp. 524-543, Springer, Berlin, Germany, 2003.
32. P. MacKenzie, "The PAK suite: protocols for passwordauthenticated key exchange, " Contributions to IEEE P1363. 2, 2002.
33. S. M. Bellovin and M. Merritt, "Encrypted key exchange: password-based protocols secure against dictionary attacks, " in Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, pp. 72-84, Oakland, Calif, USA, May 1992.
34. E. Bresson, O. Chevassut, and D. Pointcheval, "New security results on encrypted key exchange, " in Public Key Cryptography, vol. 2947 of Lecture Notes in Computer Science, pp. 145-158, Springer, Berlin, Germany, 2004.
35. M. Bellare and P. Rogaway, "Provably secure session key distribution-the three party case, " in Proceedings of the ACM Symposium onTheory of Computing, pp. 57-66, 1995.
36. M. Bellare, R. Canetti, and H. Krawczyk, "Keying hash functions for message authentication, " in Advances in Cryptology-CRYPTO '96, vol. 1109 of Lecture Notes in Computer Science, pp. 1-15, Springer, Berlin, Germany, 1996.
37. M. Abdalla and D. Pointcheval, "Simple password-based encrypted key exchange protocols, " in The Cryptographers Track at the RSA Conference, vol. 3376 of Lecture Notes in Computer Science, pp. 191-208, Springer, Berlin, Germany, 2005.
38. K. K. R. Choo, "A proof of revised Yahalom protocol in the Bellare and Rogaway (1993) model, " Computer Journal, vol. 50, no. 5, pp. 591-601, 2007.