Authenticated key exchange protocols resistant to password guessing attacks

A user-chosen password is not appropriate for a shared secret by which an authenticated key exchange protocol is operated. This is because users choose their passwords so that they can be easily memorised and can be typed using an alphabetic keyboard or a numeric keypad. Therefore, the password becomes a weak secret which is vulnerable to guessing attacks. However, users prefer to utilise the short easily memorised passwords. Several protocols, which are resistant to guessing attacks, have been developed to overcome this problem. However, they are inefficient in terms of the computation and communication costs. As a more practical solution, the authors propose new authenticated key exchange protocols by reducing the number of random numbers, cipher operations, and protocol steps. To achieve this goal, they deliberately use a one-time pad and a strong one-way hash function in their protocols