Title :
A Three-party Encrypted Key Exchange Protocol with Protected Password Authentication
Author :
Hsing-Chung Chen ; Hsien-Yun Chuang
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Asia Univ., Taichung, Taiwan
Abstract :
In 2008, Yoon and Yoo proposed a password-based 3PEKE scheme, which can improve some secure weaknesses of the password-based 3PEKE scheme. However, in 2009, Lo and Yeh shown that the 3PEKE scheme cannot resist undetectable on-line password guessing attacks and proposed a new approach to solve this problem. Although they actually propose an improved approach, the exchange-message roles are quite different from the traditional 3PEKE schemes in which the key information be exchanged between just one specific client and server. That is, a client will still act as the intermediate role who exchanges the messages flow between the other client and server. In other words, both clients will exchange key information with server, individually. Therefore, we propose an approach, which is called Three-party Encrypted Key Exchange Protocol with Protected Password Authentication (3PEKE-PPA), to improve the traditional password-based 3PEKE scheme. Our scheme can achieve effective implement and resist undetectable on-line password guessing attacks.
Keywords :
client-server systems; computer crime; copy protection; cryptographic protocols; electronic data interchange; message authentication; public key cryptography; client server system; exchange message role; password guessing attack; protected password authentication; three-party encrypted key exchange protocol; 3PEKE; EKE; key exchange protocol; mutual authentication; security;
Conference_Titel :
Frontier Computing. Theory, Technologies and Applications, 2010 IET International Conference on
Conference_Location :
Taichung
DOI :
10.1049/cp.2010.0574
