A Three-party Encrypted Key Exchange Protocol with Protected Password Authentication

In 2008, Yoon and Yoo proposed a password-based 3PEKE scheme, which can improve some secure weaknesses of the password-based 3PEKE scheme. However, in 2009, Lo and Yeh shown that the 3PEKE scheme cannot resist undetectable on-line password guessing attacks and proposed a new approach to solve this problem. Although they actually propose an improved approach, the exchange-message roles are quite different from the traditional 3PEKE schemes in which the key information be exchanged between just one specific client and server. That is, a client will still act as the intermediate role who exchanges the messages flow between the other client and server. In other words, both clients will exchange key information with server, individually. Therefore, we propose an approach, which is called Three-party Encrypted Key Exchange Protocol with Protected Password Authentication (3PEKE-PPA), to improve the traditional password-based 3PEKE scheme. Our scheme can achieve effective implement and resist undetectable on-line password guessing attacks.