It is the cache of ${baseHref}. It is a snapshot of the page. The current page could have changed in the meantime.
Tip: To quickly find your search term on this page, press Ctrl+F or ⌘-F (Mac) and use the find bar.

International Journal of Wireless and Microwave Technologies(IJWMT))

International Journal of Wireless and Microwave Technologies(IJWMT)

ISSN: 2076-1449(Print),ISSN: 2076-9539(Online)
DOI: 10.5815/ijwmt

Published By: MECS Publisher
  • IJWMT Vol.1, No.5, October 2011

A Three-Party Password Authenticated Key Exchange Protocol with Key Confirmation

 
Full Text (PDF, 172KB), PP.16-22  
Author(s)  
Gang Yao  
Index Terms  
Three-party password authenticated key exchange; key confirmation; pairing; security requirements  
Abstract  
Three-party authenticated key exchange protocol is an important cryptographic technique in the secure communication areas, by which any two clients can verify the ability to use a server to establish communication. Recently, researchers have begun proposing new key exchange protocols that would not require the use of server public keys, but a human-memorable password. In this paper, we propose a new three-party password authenticated key exchange protocol with key confirmation. The security of our proposed protocol relies on the hardness of the bilinear Diffie-Hellman problem and Diffie-Hellman problem in the random oracle model, and the proposed protocol achieves the security attributes: dictionary attack resilience, known session key security, perfect forward secrecy, no key compromise impersonation, no unknown key share and no key control.
 
Reference  
[1] M. Abdalla, P. Fouque, and D. Pointcheval. "Password-Based Authenticated Key Exchange in the Three-Party Setting". International Workshop on Theory and Practice in Public Key Cryptography, LNCS 3386, Springer-Verlag, pp. 65-84, 2005.
[2] S. Bellovin and M. Merritt. "Encrypted Key Exchange: Password-based Protocols Secure Against Dictionary Attacks". Symposium on Security and Privacy, IEEE Computer Society, pp. 72-84, 1992.
[3] C. Boyd and A. Mathuria. Protocols for Authentication and Key Establishment. Springer-Verlag, 2003.
[4] C. Boyd, P. Montague and K. Nguyen. "Elliptic Curve Based Password Authenticated Key Exchange Protocols". Australasian Conference on Information Security and Privacy, LNCS 2119, Springer-Verlag, pp. 487-501, 2001.
[5] M. Bellare, D. Pointcheval, and P. Rogaway. "Authenticated Key Exchange Secure Against Dictionary Attacks". Advances in Cryptology − Proceedings of EUROCRYPT 2000, LNCS 1807, Springer-Verlag, pp. 139-155, 2000.
[6] Y. Chang. "A Practical Three-party Key Exchange Protocol with Round Efficiency". International Journal of Innovative Computing, vol. 4, no. 4, pp. 953-960, 2008.
[7] H. Chung and W. Ku, "Three Weaknesses in a Simple Three-Party Key Exchange Protocol". Information Science, vol. 178, no. 1, pp. 220-229, 2008.
[8] R. Gennaro. "Faster and Shorter Password-Authenticated Key Exchange". Theory of Cryptography Conference, LNCS 4948, Springer-Verlag, pp. 589-606, 2008.
[9] J. Katz, R. Ostrovsky and M. Yung. "Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords". Advances in Cryptology − Proceedings of EUROCRYPT 2001, LNCS 2045, Springer-Verlag, pp. 475-494, 2001.
[10] S. Lee, H. Kim and K. Yoo. "Efficient Verifier-based Key Agreement Protocol for Three Parties without Server's public key". Applied Mathematics and Computation, vol. 167, pp. 996-1003, 2005.
[11] C. Lin, H. Sun, and T. Hwang. "Three-Party Encrypted Key Exchange: Attacks and a Solution". ACM Operating Systems Review, vol. 34, no. 4, pp. 12-20, 2000.
[12] R. Lu, and Z. Cao. "Simple Three-Party Key Exchange Protocol". Computers & Security, vol. 26, no. 1, pp. 94-97, 2007.
[13] J. Nam, Y. Lee, S. Kim, and D. Won. "Security Weakness in a Three-party Pairing-based Protocol for Password Authenticated Key Exchange". Information Sciences, vol. 177, pp. 1364-1375, 2007.
[14] R. Phan, W Yau, and B. Goi. "Analysis of Two Pairing-based Three-party Password Authenticated Key Exchange Protocols". International Conference on Network and System Security, IEEE Computer Society, pp. 102-8106, 2009.
[15] R. Wang and K. Mo. "Security Enhancement on Efficient Verifier-based Key Agreement Protocol for Three Parties without Server's Public Key". International Mathematical, vol. 1, no. 20, pp. 965-972, 2006.
[16] H. Wen, T. Lee, and T. Hwang. "Provably Secure Threeparty Password-based Authenticated Key Exchange Protocol using Weil Pairing". IEE Proceedings − Communications, vol. 152, no. 2, pp. 138-143, 2005.
 
Citation  

Gang Yao,"A Three-Party Password Authenticated Key Exchange Protocol with Key Confirmation", IJWMT, vol.1, no.5, pp.16-22, 2011.