ScienceGate Book Chapters
JOURNAL ARTICLE

Cryptanalysis and Improvement of a Password-Based Authenticated Three-Party Key Exchange Protocol

Youngsook Lee

Year: 2014 Journal:   International Journal of Security and Its Applications Vol: 8 (4)Pages: 151-160   Publisher: Science and Engineering Research Support Society
DOI: 10.14257/ijsia.2014.8.4.14
   Get Full-Text PDF    Get Analytical Report

Abstract

Protocols for password-based authenticated key exchange (PAKE) in the three-party setting must be designed to be secure against dictionary attacks even in the presence of a malicious insider. In this work, we revisit the three-party PAKE protocol proposed by Kim and Choi in 2009, and demonstrate that the protocol is vulnerable to an insider offline dictionary attack (which allows an adversary to impersonate a legitimate party and initiate transactions). We also show that due to the vulnerability, Kim and Choi’s protocol is rendered insecure in the in distinguish ability-based security model of Bellare, Pointcheval and Rogaway (2000). We propose an improved three-party PAKE protocol which is resistant to all classes of dictionary attacks, including insider offline dictionary attacks and undetectable online dictionary attacks.

Keywords:
Password Cryptanalysis Computer science Authenticated Key Exchange Key exchange Computer security Zero-knowledge password proof Key (lock) Protocol (science) Password strength One-time password Encryption Public-key cryptography Medicine

Metrics

1
Cited By
0.37
FWCI (Field Weighted Citation Impact)
11
Refs
0.70
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Advanced Authentication Protocols Security
Physical Sciences →  Computer Science →  Computer Networks and Communications
User Authentication and Security Systems
Physical Sciences →  Computer Science →  Information Systems
Cryptography and Data Security
Physical Sciences →  Computer Science →  Artificial Intelligence

Related Documents

JOURNAL ARTICLE

Cryptanalysis of a communication-efficient three-party password authenticated key exchange protocol

Shuhua WuQiong PuShengbao WangDebiao He

Journal:   Information Sciences Year: 2012 Vol: 215 Pages: 83-96
JOURNAL ARTICLE

Cryptanalysis and improvement on three-party protocols for password authenticated key exchange

Baoyuan KangJinguang Han

Year: 2010 Vol: 2045 Pages: V5-197
JOURNAL ARTICLE

Cryptanalysis of a three-party password-based authenticated key exchange protocol using Weil pairing

Debiao HeJianhua Chen

Journal:   International Journal of Electronic Security and Digital Forensics Year: 2012 Vol: 4 (4)Pages: 244-244
JOURNAL ARTICLE

Strongly Password-Based Three-Party Authenticated Key Exchange Protocol

Yuanhui LinMengbo HouQiuliang Xu

Year: 2013 Pages: 555-558
JOURNAL ARTICLE

Verifier-Based Three-Party Password Authenticated Key Exchange Protocol

Xiaoyan YangMengbo HouXiaochao Wei

Year: 2016 Vol: 53 (10)
© 2026 ScienceGate Book Chapters — All rights reserved.