CRYPTANALYSIS OF SOME CLIENT-TO-CLIENT PASSWORD-AUTHENTICATED KEY EXCHANGE PROTOCOLS
The cross-domain client-to-client passwordauthenticated key exchange (C2C-PAKE) protocols allow two client entities from different domains to establish a shared common session key based on their passwords. Most existing schemes make an improvement based on the prototype of the C2C-PAKE protocol proposed by Byun20071. Recently, Feng et al2 and Liu et al3 respectively proposed an efficient C2C-PAKE protocol which was based on the public key mechanism. In this paper, by cryptanalysis on these schemes, we find that the above protocols are easy to suffer from some unknown key share attacks, and furthermore, we search out the reasons that cause these situations happened and give some suggestions to improve these situations.
authentication cryptanalysis password-authenticated key agreement crossdomain
Xiaobiao Li Qiaoyan Wen
State Key Laboratory of Networking and Switching Technology,Beijing University of Posts and Telecommunications, Beijing, 100876, China
国际会议
北京
英文
654-658
2010-10-26(万方平台首次上网日期,不代表论文的发表时间)