Cryptanalysis of an Enhanced Simple Three-Party Key Exchange Protocol

被引:0
作者
Kim, Hae-Jung [2 ]
Yoon, Eun-Jun [1 ]
机构
[1] Kyungil Univ, Sch Comp Engn, 33 Buho Ri, Kyungsan Si 712701, Kyungsangpuk Do, South Korea
[2] Keimyung Univ, Coll Liberal Educ, Taegu 704701, South Korea
来源
SECURITY TECHNOLOGY | 2011年 / 259卷
关键词
Authentication; 3PAKE; Password; Three-party key exchange; Network security; Dictionary attack;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
A simple three-party password-based authenticated key exchange (S-3PAKE) protocols are extremely important to secure communications and are now extensively adopted in network communications. In 2009 et al. pointed out that S-3PAKE protocol, by Lu and Cao for password-authenticated key exchange in the three-party setting, is vulnerable to an off-line dictionary attack. Then, they proposed some countermeasures how to eliminate the security vulnerability of the S-3PAKE. Nevertheless, this paper points out their enhanced S-3PAKE protocol is still vulnerable to undetectable on-line dictionary attacks and off-line dictionary attack unlike their claim.
引用
收藏
页码:167 / +
页数:2
相关论文
共 11 条
[1]  
Abdalla M, 2005, LECT NOTES COMPUT SC, V3376, P191
[2]  
[Anonymous], ACM OPERATING SYSTEM
[3]  
Bellovin S. M., 1992, Proceedings. 1992 IEEE Computer Society Symposium on Research in Security and Privacy (Cat. No.92CH3157-5), P72, DOI 10.1109/RISP.1992.213269
[4]   Three weaknesses in a simple three-party key exchange protocol [J].
Chung, Hao-Rung ;
Ku, Wei-Chi .
INFORMATION SCIENCES, 2008, 178 (01) :220-229
[5]   Cryptanalysis of simple three-party key exchange protocol [J].
Guo, Hua ;
Li, Zhoujun ;
Mu, Yi ;
Zhang, Xiyong .
COMPUTERS & SECURITY, 2008, 27 (1-2) :16-21
[6]   Enhanced password-based simple three-party key exchange protocol [J].
Kim, Hyun-Seok ;
Choi, Jin-Young .
COMPUTERS & ELECTRICAL ENGINEERING, 2009, 35 (01) :107-114
[7]   Enhanced three-party encrypted key exchange without server public keys [J].
Lee, TF ;
Hwang, T ;
Lin, CL .
COMPUTERS & SECURITY, 2004, 23 (07) :571-577
[8]   Simple three-party key exchange protocol [J].
Lu, Rongxing ;
Cao, Zhenfu .
COMPUTERS & SECURITY, 2007, 26 (01) :94-97
[9]   An Off-Line Dictionary Attack on a Simple Three-Party Key Exchange Protocol [J].
Nam, Junghyun ;
Paik, Juryon ;
Kang, Hyun-Kyu ;
Kim, Ung Mo ;
Won, Dongho .
IEEE COMMUNICATIONS LETTERS, 2009, 13 (03) :205-207
[10]   Cryptanalysis of simple three-party key exchange protocol (S-3PAKE) [J].
Phan, Raphael C. -W. ;
Yau, Wei-Chuen ;
Gol, Bok-Min .
INFORMATION SCIENCES, 2008, 178 (13) :2849-2856
12