Cryptanalysis of an efficient three-party password-based key exchange scheme

被引:3
作者
Yoon, Eun-Jun [1 ]
Yoo, Kee-Young [1 ]
机构
[1] Kyungil Univ, Dept Cyber Secur, Gyongsan, South Korea
来源
2012 INTERNATIONAL WORKSHOP ON INFORMATION AND ELECTRONICS ENGINEERING | 2012年 / 29卷
关键词
Cryptography; Key exchange; Password; Three-party; authentication; PROTOCOL;
D O I
10.1016/j.proeng.2012.01.604
中图分类号
TH [机械、仪表工业];
学科分类号
0802 ;
摘要
In order to secure communications between two clients with a trusted server's help in public network environments, a three-party password-based authenticated key exchange (3PAKE) scheme is used to provide the transaction confidentiality and efficiency. In 2010, Lou-Huang proposed a new simple three-party password-based authenticated key exchange (LH-3PAKE) scheme based on elliptic curve cryptography (ECC). By analysis, Lou-Huang claimed that the proposed LH-3PAKE scheme is not only secure against various attacks, but also more efficient than previously proposed 3PAKE schemes. However, this paper demonstrates LH-3PAKE scheme is vulnerable to off-line password guessing attacks by an attacker. c (C)2011 Published by Elsevier Ltd. Selection and/or peer-review under responsibility of Harbin University of Science and Technology
引用
收藏
页码:3972 / 3979
页数:8
相关论文
共 25 条
[1]  
Bellovin S. M., 1992, Proceedings. 1992 IEEE Computer Society Symposium on Research in Security and Privacy (Cat. No.92CH3157-5), P72, DOI 10.1109/RISP.1992.213269
[2]  
BruteForceCalc, 2006, BRUT FORC ATT EST
[3]   A novel three-party encrypted key exchange protocol [J].
Chang, CC ;
Chang, YF .
COMPUTER STANDARDS & INTERFACES, 2004, 26 (05) :471-476
[4]  
Choo KKR, 2005, LECT NOTES COMPUT SC, V3788, P585
[5]   Three-party Encrypted Key Exchange: Attacks and a Solution [J].
Lin, Chun-Li ;
Sun, Hung-Min ;
Hwang, Tzonelih .
Operating Systems Review (ACM), 2000, 34 (04) :12-20
[6]  
Diffie W., 1992, Designs, Codes and Cryptography, V2, P107, DOI 10.1007/BF00124891
[7]   NEW DIRECTIONS IN CRYPTOGRAPHY [J].
DIFFIE, W ;
HELLMAN, ME .
IEEE TRANSACTIONS ON INFORMATION THEORY, 1976, 22 (06) :644-654
[8]  
Ding Y., 1995, Operating Systems Review, V29, P77, DOI 10.1145/219282.219298
[9]   Cryptanalysis of simple three-party key exchange protocol [J].
Guo, Hua ;
Li, Zhoujun ;
Mu, Yi ;
Zhang, Xiyong .
COMPUTERS & SECURITY, 2008, 27 (1-2) :16-21
[10]   A simple three-party password-based key exchange protocol [J].
Huang, Hui-Feng .
INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2009, 22 (07) :857-862
123