DocumentCode
2415692
Title
Improved Client-to-Client Password-Authenticated Key Exchange Protocol
Author
Gang, Yao ; DengGuo, Feng ; Xiaoxi, Han
Author_Institution
State Key Lab. of Inf. Security, Graduate Univ. of Chinese Acad. of Sci., Beijing
fYear
2007
fDate
10-13 April 2007
Firstpage
564
Lastpage
574
Abstract
Password-authenticated key exchange protocols allow two entities who only share a human-memorable password to authenticate each other and agree on a large session key. Most password authenticated key exchange protocols provide an authenticated key exchange between a client and a server based on a pre-shared password. With the development of modern communication environments, it is necessary to design a secure authenticated key exchange between clients. In ICICS´02, Byun et al. presented a client to client password-authenticated key exchange protocol in a cross-realm setting. But the protocol is vulnerable to some attacks by an insider adversary or outsider adversary. In this paper, we present an improved protocol to solve the problem, and prove the improved protocol is secure against all types of attacks considered in the paper
Keywords
cryptographic protocols; message authentication; telecommunication security; client-to-client password-authenticated key exchange protocol; human-memorable password; session key; Authentication; Cryptographic protocols; Cryptography; Dictionaries; Information security; Laboratories; Privacy; Protection; Public key; Resists;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
Conference_Location
Vienna
Print_ISBN
0-7695-2775-2
Type
conf
DOI
10.1109/ARES.2007.99
Filename
4159849
Link To Document