Simple three-party key exchange protocol

Lu, Rongxing; Cao, Zhenfu

doi:10.1016/j.cose.2006.08.005

Cited by 145 publications

(115 citation statements)

References 10 publications

Supporting

Mentioning

115

Contrasting

Order By: Relevance

“…In this paper, it is presented that, STPKE' protocol is vulnerable to an undetectable online password guessing attack, if the identity of the client is exposed, and proposes an alternative protocol by modifying STPKE protocol [12].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cryptanalysis on a Three Party Key Exchange Protocol-STPKE'

Tallapally¹,

Padmavathy²

2010

Journal of Information Processing Systems

View full text Add to dashboard Cite

Abstract-In the secure communication areas, three-party authenticated key exchange protocol is an important cryptographic technique. In this protocol, two clients will share a human-memorable password with a trusted server, in which two users can generate a secure session key. On the other hand the protocol should resist all types of password guessing attacks. Recently, STPKE' protocol has been proposed by Kim and Choi. An undetectable online password guessing attack on STPKE' protocol is presented in the current study. An alternative protocol to overcome undetectable online password guessing attacks is proposed. The results show that the proposed protocol can resist undetectable online password guessing attacks. Additionally, it achieves the same security level with reduced random numbers and without XOR operations. The computational efficiency is improved by ≈ 30% for problems of size ≈ 2048 bits. The proposed protocol is achieving better performance efficiency and withstands password guessing attacks. The results show that the proposed protocol is secure, efficient and practical.

show abstract

Section: Introductionmentioning

confidence: 99%

“…Recently, Lu and Cao [12] proposed a simple three-party key exchange (STPKE) protocol based on the chosen-basis computational Diffie-Hellman (CCDH) assumption. They claimed that their protocol can resist various attacks and is superior to similar protocols with respect to efficiency.…”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis on a Three Party Key Exchange Protocol-STPKE'

Tallapally¹,

Padmavathy²

2010

Journal of Information Processing Systems

View full text Add to dashboard Cite

show abstract

“…Recently these two Party key exchange protocols are extended to three party [2,3,7,11,12,13,14,15,16,17,18], in which, the two parties initially communicates the passwords with the trusted server securely. Later the server authenticates the clients when they want to agree upon a session key.…”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis of C3 PEKE protocol

Padmavathy¹

2011

IJCA

View full text Add to dashboard Cite

The key exchange protocol using passwords achieved great attention due to its simplicity and efficiency. Recently, Chang proposed a practical three-party key exchange (C-3 PEKE) protocol with round efficiency. Later, Lee and Chang presented an off-line password guessing attack on C-3 PEKE protocol. In the present paper, an impersonation-of-the initiator attack and impersonation-of-the responder attack are demonstrated on C-3 PEKE protocol using the off-line password guessing attack proposed by Lee and Chang..Keywords-C-3 PEKE protocol, off-line password guessing attack, impersonation-of-the-initiator attack, impersonation-ofthe-responder attack

show abstract

“…A number of three-party PAKE protocols have been proposed over the last decade [2,3,5,6,[11][12][13][14][15][16][17][18][19][20][21][22][23][24][25]. Many of these protocols have never been proven secure in any model [3,13,[17][18][19][20][21] and/or have been found to be vulnerable to some attack(s) [2,3,5,6,8,[18][19][20]23,[26][27][28][29][30][31][32].…”

Section: Introductionmentioning

confidence: 99%

Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

et al. 2015

View full text Add to dashboard Cite

We present the first provably-secure three-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any two-party PAKE protocol. The protocol is proven secure in a variant of the widely-accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the two-round, three-party PAKE protocol of Wang, Hu and Li (2010) and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.

show abstract

Simple three-party key exchange protocol

Cited by 145 publications

References 10 publications

Cryptanalysis on a Three Party Key Exchange Protocol-STPKE'

Cryptanalysis on a Three Party Key Exchange Protocol-STPKE'

Cryptanalysis of C3 PEKE protocol

Two-Round Password-Only Authenticated Key Exchange in the Three-Party Setting

Contact Info

Product

Resources

About