Cryptanalysis and Improvement on Three-Party Protocols for Password Authenticated Key Exchange
Authentication and key exchange are fundamental for establishing secure communication channels over public insecure networks. Password-based protocols for authenticated key exchange are designed to work even when user authentication is done via the use of passwords drawn from a small known set of values. In 1995, Steiner et al. proposed a password-based authentication key exchange protocol for three-party, where the two clients trying to establish a common secret key do not share a password between themselves but only with a trusted server. Recently, Hung-Min Sun et al. proposed a attack on Steiner et al.s protocol, and proposed a new key agreement protocol for three-party. They claimed their protocol prevented all kind of attacks. However, In this paper, we show that Hung-Min Sun et al.s protocol is insecure. Furthermore, a new improved protocol is proposed.
cryptography authentication key exchange password
Baoyuan Kang Jinguang Han
Computer Science and Software Institution Tianjin Polytechnic University Tianjin, China College of Science Hohai University Nanjin, China
国际会议
上海
英文
197-201
2010-06-22(万方平台首次上网日期,不代表论文的发表时间)