Enhanced password-based simple three-party key exchange protocol
- Authors
- Kim, Hyun-Seok; Choi, Jin-Young
- Issue Date
- 1월-2009
- Publisher
- PERGAMON-ELSEVIER SCIENCE LTD
- Keywords
- Password-based key exchange protocol; Undetectable on-line guessing attack; BPR model
- Citation
- COMPUTERS & ELECTRICAL ENGINEERING, v.35, no.1, pp.107 - 114
- Indexed
- SCIE
SCOPUS
- Journal Title
- COMPUTERS & ELECTRICAL ENGINEERING
- Volume
- 35
- Number
- 1
- Start Page
- 107
- End Page
- 114
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/120800
- DOI
- 10.1016/j.compeleceng.2008.05.007
- ISSN
- 0045-7906
- Abstract
- Recently, Lu and Cao proposed a simple three-party password-based key exchange (STPKE) protocol based on the CCDH assumption. They claimed that their protocol is secure, efficient, and practical. In this paper, unlike their claims, we find that the STPKE protocol is still vulnerable to undetectable on-line password guessing attacks by using formal description, BPR model. These weakness is due to the fact that the messages of the communicants are not appropriately encrypted into the exchanged cryptographic messages. To enhance the security of the STPKE protocol, we suggest a countermeasure to resist our described attacks while the merits of the original protocol are left unchanged. (C) 2008 Elsevier Ltd. All rights reserved.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.