Enhancements of A Three-Party Password-Based Authenticated Key Exchange Protocol

Enhancements of A Three-Party Password-Based Authenticated Key Exchange Protocol

Shuhua Wu 1,2,3 , Kefei Chen 1, and Yuefei Zhu3
1 Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
2 State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing, China
3Department of Network Engineering, Information Science and Technology Institute, Zhengzhou, China
 
Abstract:
This paper discusses the security for a simple and efficient three-party password-based authenticated key exchange protocol proposed by Huang most recently. Our analysis shows her protocol is still vulnerable to three kinds of attacks: (1) undetectable on-line dictionary attacks; and (2) key-compromise impersonation attack. Thereafter we propose an enhanced protocol that can defeat the attacks described and yet is reasonably efficient.

Keywords: password-based; authenticated key exchange; three-party; dictionary attack.
 
Received June 2, 2010; accepted March 1, 2011
Read 3487 times Last modified on Thursday, 23 February 2012 07:57
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…