SECURITY ENHANCEMENT ON SIMPLE THREE PARTY PAKE PROTOCOL
|
| Title | SECURITY ENHANCEMENT ON SIMPLE THREE PARTY PAKE PROTOCOL |
| Authors | |
| Abstract | In the field of cryptography, the three-party authenticated key exchange protocol is an important tool, especially in the secure communication areas. In this protocol, two clients share a human-memorable password with a trusted server whereby the two clients receive a secure session key. Most recently, Huang proposed a simple and efficient three party password-based key exchange protocol. She claimed that the proposed protocol is secure against various attacks. However, Yoon and Yoo proved an undetectable online password guessing attack on Huang’s protocol. In the present paper, an unknown key share attack on Huang’s three party PAKE protocol using undetectable online password guessing attack is demonstrated. Additionally, an alternative protocol that eliminates this attack is proposed. Moreover, the proposed protocol requires only four message transmission rounds.DOI: http://dx.doi.org/10.5755/j01.itc.41.1.842 |
| Publisher | Kaunas University of Technology |
| Date | 2012-04-24 |
| Source | Informacinės technologijos ir valdymas Vol 41, No 1 (2012) |
| Rights | Copyright terms are indicated in the Republic of Lithuania Law on Copyright and Related Rights, Articles 4-37. |