2014
DOI: 10.1155/2014/479534
|View full text |Cite
|
Sign up to set email alerts
|

On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

Abstract: Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot pr… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
9
0

Year Published

2014
2014
2016
2016

Publication Types

Select...
5
1
1

Relationship

4
3

Authors

Journals

citations
Cited by 7 publications
(9 citation statements)
references
References 14 publications
0
9
0
Order By: Relevance
“…Therefore, the lack of anonymity in Yoon and Kim's scheme raises some problems that need to be addressed by providing user anonymity through a protection technique. To solve this problem, it is necessary to use anonymity identification AID in the WSNs communication instead of sending a normal ID [21][22][23].…”
Section: Lack Of Anonymity Figure 5 Describes How Yoon Andmentioning
confidence: 99%
“…Therefore, the lack of anonymity in Yoon and Kim's scheme raises some problems that need to be addressed by providing user anonymity through a protection technique. To solve this problem, it is necessary to use anonymity identification AID in the WSNs communication instead of sending a normal ID [21][22][23].…”
Section: Lack Of Anonymity Figure 5 Describes How Yoon Andmentioning
confidence: 99%
“…S-IA-3PAKE, S-EA-3PAKE [23] Vulnerable to an offline dictionary attack and a man-in-the-middle attack [31] Invalidated by a passive attack (see Section 3.…”
Section: Protocolmentioning
confidence: 99%
“…Many of these protocols have never been proven secure in any model [3,13,[17][18][19][20][21] and/or have been found to be vulnerable to some attack(s) [2,3,5,6,8,[18][19][20]23,[26][27][28][29][30][31][32]. Some protocols [2,11,12,15,23,24] have been proven secure only in a restricted model, in which the adversary is not allowed to corrupt protocol participants, and thus, no attacks by malicious clients can be captured.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…One of the fundamental problems in the areas of cryptography and communication security is authentication to enable two parties communicating over a public network to establish a high-entropy secret key from their low entropy passwords [1]. Many password based authentication protocols were designed to solve this problem and often showed the security vulnerabilities including password guessing attack, replay attack, insider attack, and many more attacks [2][3][4][5][6][7][8].…”
Section: Introductionmentioning
confidence: 99%