Journal of shanghai Jiaotong University (Science) ›› 2011, Vol. 16 ›› Issue (5): 600-603.doi: 10.1007/s12204-011-1195-3

• Articles • Previous Articles     Next Articles

Simple Three-Party Password Authenticated Key Exchange Protocol

Simple Three-Party Password Authenticated Key Exchange Protocol

LO Nai-wei (罗乃维),     YEH Kuo-hui (叶国晖)   

  1. (1. Department of Information Management, National Taiwan University of Science
    and Technology, Taipei 10607;
    2. Department of Information Management, Chinese Culture University, Taipei 11114)
  2. (1. Department of Information Management, National Taiwan University of Science
    and Technology, Taipei 10607;
    2. Department of Information Management, Chinese Culture University, Taipei 11114)
  • Received:2011-05-10 Online:2011-10-29 Published:2011-10-20
  • Contact: LO Nai-wei (罗乃维), E-mail:nwlo@cs.ntust.edu.tw
  • Supported by:

    the National Science Council (Nos. NSC99-2218-E-011-014 and NSC 100-2219-E-011-002)

Abstract: Abstract:  Three-party password authenticated key exchange (3PAKE)
protocol plays a significant role in the history of secure communication
area in which two clients agree a robust session key in an authentic manner
based on passwords. In recent years, researchers focused on developing
simple 3PAKE (S-3PAKE) protocol to gain system efficiency while preserving
security robustness for the system. In this study, we first demonstrate how
an undetectable on-line dictionary attack can be successfully applied over
three existing S-3PAKE schemes. An error correction code (ECC) based S-3PAKE
protocol is then introduced to eliminate the identified authentication
weakness.

Key words:

authentication| cryptanalysis| error correction code (ECC)|
simple three-party password authenticated key exchange (S-3PAKE)| security|
undetectable on-line dictionary attack

摘要: Abstract:  Three-party password authenticated key exchange (3PAKE)
protocol plays a significant role in the history of secure communication
area in which two clients agree a robust session key in an authentic manner
based on passwords. In recent years, researchers focused on developing
simple 3PAKE (S-3PAKE) protocol to gain system efficiency while preserving
security robustness for the system. In this study, we first demonstrate how
an undetectable on-line dictionary attack can be successfully applied over
three existing S-3PAKE schemes. An error correction code (ECC) based S-3PAKE
protocol is then introduced to eliminate the identified authentication
weakness.

关键词:

authentication| cryptanalysis| error correction code (ECC)|
simple three-party password authenticated key exchange (S-3PAKE)| security|
undetectable on-line dictionary attack

CLC Number: