Simple Three-Party Password Authenticated Key Exchange Protocol

doi:10.1007/s12204-011-1195-3

上海交通大学学报（英文版） ›› 2011, Vol. 16 ›› Issue (5): 600-603.doi: 10.1007/s12204-011-1195-3

Simple Three-Party Password Authenticated Key Exchange Protocol

LO Nai-wei (罗乃维), YEH Kuo-hui (叶国晖)

(1. Department of Information Management, National Taiwan University of Science
and Technology, Taipei 10607;
2. Department of Information Management, Chinese Culture University, Taipei 11114)

收稿日期:2011-05-10 出版日期:2011-10-29 发布日期:2011-10-20
通讯作者: LO Nai-wei (罗乃维), E-mail:nwlo@cs.ntust.edu.tw
基金资助:
the National Science Council (Nos. NSC99-2218-E-011-014 and NSC 100-2219-E-011-002)

Simple Three-Party Password Authenticated Key Exchange Protocol

LO Nai-wei (罗乃维), YEH Kuo-hui (叶国晖)

(1. Department of Information Management, National Taiwan University of Science
and Technology, Taipei 10607;
2. Department of Information Management, Chinese Culture University, Taipei 11114)

Received:2011-05-10 Online:2011-10-29 Published:2011-10-20
Contact: LO Nai-wei (罗乃维), E-mail:nwlo@cs.ntust.edu.tw
Supported by:
the National Science Council (Nos. NSC99-2218-E-011-014 and NSC 100-2219-E-011-002)

摘要/Abstract

摘要： Abstract: Three-party password authenticated key exchange (3PAKE)
protocol plays a significant role in the history of secure communication
area in which two clients agree a robust session key in an authentic manner
based on passwords. In recent years, researchers focused on developing
simple 3PAKE (S-3PAKE) protocol to gain system efficiency while preserving
security robustness for the system. In this study, we first demonstrate how
an undetectable on-line dictionary attack can be successfully applied over
three existing S-3PAKE schemes. An error correction code (ECC) based S-3PAKE
protocol is then introduced to eliminate the identified authentication
weakness.

关键词: authentication, cryptanalysis, error correction code (ECC),
simple three-party password authenticated key exchange (S-3PAKE), security,
undetectable on-line dictionary attack

Abstract: Abstract: Three-party password authenticated key exchange (3PAKE)
protocol plays a significant role in the history of secure communication
area in which two clients agree a robust session key in an authentic manner
based on passwords. In recent years, researchers focused on developing
simple 3PAKE (S-3PAKE) protocol to gain system efficiency while preserving
security robustness for the system. In this study, we first demonstrate how
an undetectable on-line dictionary attack can be successfully applied over
three existing S-3PAKE schemes. An error correction code (ECC) based S-3PAKE
protocol is then introduced to eliminate the identified authentication
weakness.

Key words: authentication, cryptanalysis, error correction code (ECC),
simple three-party password authenticated key exchange (S-3PAKE), security,
undetectable on-line dictionary attack

中图分类号:

TP 309.2

LO Nai-wei (罗乃维), YEH Kuo-hui (叶国晖). Simple Three-Party Password Authenticated Key Exchange Protocol[J]. 上海交通大学学报（英文版）, 2011, 16(5): 600-603.

LO Nai-wei (罗乃维), YEH Kuo-hui (叶国晖). Simple Three-Party Password Authenticated Key Exchange Protocol[J]. Journal of shanghai Jiaotong University (Science), 2011, 16(5): 600-603.

[1]	WANG Mingzheng, WANG Yijie, WANG Tianyu, HOU Linzao, LI Mian . New Approach for Information Security Evaluation and Management of IT Systems in Educational Institutions[J]. J Shanghai Jiaotong Univ Sci, 2020, 25(6): 689-699.
[2]	GUO Fei (郭非), CAO Zhenfu (曹珍富), LIU Zhusen (刘竹森), CAO Nanyuan (曹楠源). A Privacy-Preserving Aggregation and Authentication Scheme Towards Mobile Users in Smart Grid[J]. Journal of Shanghai Jiao Tong University (Science), 2020, 25(1): 37-43.
[3]	MIRZAEE Siavash, JIANG Letian *(蒋乐天). Fast Confidentiality-Preserving Authentication for Vehicular Ad Hoc Networks[J]. Journal of Shanghai Jiao Tong University (Science), 2019, 24(1): 31-40.
[4]	ZHANG Yin-fa1 (张引发), REN Shuai1* (任帅), LI Juan1 (李娟), LIAO Xiao-min1 (廖晓闽),LI . Research on High Power Inter-Channel Crosstalk Attack in Optical Networks[J]. 上海交通大学学报（英文版）, 2015, 20(1): 7-13.
[5]	XIE Qi* (谢琪), LIU Wen-hao (刘文浩), WANG Sheng-bao (王圣宝),HU Bin (胡斌), DONG Na (董 . Robust Password and Smart Card Based Authentication Scheme with Smart Card Revocation[J]. 上海交通大学学报（英文版）, 2014, 19(4): 418-424.
[6]	CHIEN Hung-yu (简宏宇). Provably Secure Authenticated Diffie-Hellman Key Exchange for Resource-Limited Smart Card[J]. 上海交通大学学报（英文版）, 2014, 19(4): 436-439.
[7]	WANG Chih-hung* (王智弘), TU Tai-yuan (涂泰源). Keyword Search Encryption Scheme Resistant Against Keyword-Guessing Attack by the Untrusted Server[J]. 上海交通大学学报（英文版）, 2014, 19(4): 440-442.
[8]	HUANG Jheng-jia1 (黄政嘉), LU Pei-chun2 (卢佩君), JUANG Wen-shenq2* (庄文胜), FAN Chun-i1. Secure and Efficient Digital Rights Management Mechanisms with Privacy Protection[J]. 上海交通大学学报（英文版）, 2014, 19(4): 443-447.
[9]	HE Jun* (何俊), ZHENG Shi-hui (郑世慧). Intrusion Detection Model with Twin Support Vector Machines[J]. 上海交通大学学报（英文版）, 2014, 19(4): 448-454.
[10]	GAO Jian-bo1 (高建波), ZHANG Bao-wen1* (张保稳), CHEN Xiao-hua2 (陈晓桦), LUO Zheng3 (罗铮. Ontology-Based Model of Network and Computer Attacks for Security Assessment[J]. 上海交通大学学报（英文版）, 2013, 18(5): 554-562.
[11]	ZHAO Shi-kang (赵士康), HE Di (何迪), LI Wen-hua (李文化), ZHU Fu-sheng (朱伏生). Reputation-Based Collaborative Spectrum Sensing Scheme in Cognitive Radio Networks[J]. 上海交通大学学报（英文版）, 2011, 16(6): 641-647.
[12]	SUN Jin (孙瑾), HU Yu-pu (胡予濮), ZHANG Le-you (张乐友). Chosen Ciphertext Secure Identity-Based Broadcast Encryption in the Standard Model[J]. 上海交通大学学报（英文版）, 2011, 16(6): 672-676.
[13]	CHIEN Hung-yu (简宏宇), YEH Ming-kuei (叶明贵), WU Tzong-chen (吴宗成), LEE Chin. Comments on Enhanced Yoking Proof Protocols for Radio Frequency Identification Tags and Tag Groups[J]. 上海交通大学学报（英文版）, 2011, 16(5): 604-609.

Simple Three-Party Password Authenticated Key Exchange Protocol

Simple Three-Party Password Authenticated Key Exchange Protocol

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 13

编辑推荐

Metrics

本文评价